SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)

2012-05-17T00:00:00

Description

This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues. The following security issues are addressed : - fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210) - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile. (CVE-2008-3528) - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716) All other bugfixes can be found by looking at the RPM changelog.

{"id": "SUSE_KERNEL-5735.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)", "description": "This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.", "published": "2012-05-17T00:00:00", "modified": "2021-01-14T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/59134", "reporter": "This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6716", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3528", "http://support.novell.com/security/cve/CVE-2008-3528.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4210", "http://support.novell.com/security/cve/CVE-2008-4210.html", "http://support.novell.com/security/cve/CVE-2007-6716.html"], "cvelist": ["CVE-2007-6716", "CVE-2008-3528", "CVE-2008-4210"], "immutableFields": [], "lastseen": "2023-05-18T14:23:25", "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2008:0885", "CESA-2008:0957", "CESA-2008:0972", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0326"]}, {"type": "cve", "idList": ["CVE-2007-6716", "CVE-2008-3528", "CVE-2008-3833", "CVE-2008-4210"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1653-1:79C02", "DEBIAN:DSA-1681-1:67CE4", "DEBIAN:DSA-1687-1:1BA38"]}, {"type": "fedora", "idList": ["FEDORA:0A08C10F8CD", "FEDORA:2A46A208DA7", "FEDORA:6D5F810F87F", "FEDORA:EA327208DDB"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2008-0885.NASL", "CENTOS_RHSA-2008-0957.NASL", "CENTOS_RHSA-2008-0972.NASL", "CENTOS_RHSA-2008-0973.NASL", "CENTOS_RHSA-2009-0326.NASL", "DEBIAN_DSA-1653.NASL", "DEBIAN_DSA-1681.NASL", "DEBIAN_DSA-1687.NASL", "MANDRIVA_MDVSA-2008-224.NASL", "ORACLELINUX_ELSA-2008-0885.NASL", "ORACLELINUX_ELSA-2008-0957.NASL", "ORACLELINUX_ELSA-2008-0972.NASL", "ORACLELINUX_ELSA-2008-0973.NASL", "ORACLELINUX_ELSA-2009-0326.NASL", "ORACLEVM_OVMSA-2008-2006.NASL", "ORACLEVM_OVMSA-2009-0004.NASL", "REDHAT-RHSA-2008-0885.NASL", "REDHAT-RHSA-2008-0957.NASL", "REDHAT-RHSA-2008-0972.NASL", "REDHAT-RHSA-2008-0973.NASL", "REDHAT-RHSA-2009-0001.NASL", "REDHAT-RHSA-2009-0326.NASL", "SL_20080924_KERNEL_ON_SL5_X.NASL", "SL_20081104_KERNEL_ON_SL5_X.NASL", "SL_20081119_KERNEL_ON_SL4_X.NASL", "SL_20081216_KERNEL_ON_SL3_X.NASL", "SL_20090401_KERNEL_ON_SL5_X.NASL", "SUSE_11_0_KERNEL-081022.NASL", "SUSE_KERNEL-5667.NASL", "SUSE_KERNEL-5668.NASL", "SUSE_KERNEL-5700.NASL", "SUSE_KERNEL-5734.NASL", "SUSE_KERNEL-5751.NASL", "UBUNTU_USN-659-1.NASL", "UBUNTU_USN-662-1.NASL", "UBUNTU_USN-679-1.NASL", "VMWARE_VMSA-2009-0014.NASL", "VMWARE_VMSA-2009-0014_REMOTE.NASL", "VMWARE_VMSA-2009-0016.NASL", "VMWARE_VMSA-2009-0016_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122501", "OPENVAS:1361412562310122545", "OPENVAS:1361412562310122555", "OPENVAS:136141256231063097", "OPENVAS:136141256231063132", "OPENVAS:136141256231063250", "OPENVAS:136141256231063290", "OPENVAS:136141256231063344", "OPENVAS:136141256231063712", "OPENVAS:136141256231063752", "OPENVAS:136141256231064077", "OPENVAS:136141256231064296", "OPENVAS:136141256231065175", "OPENVAS:136141256231065259", "OPENVAS:136141256231065914", "OPENVAS:1361412562310830443", "OPENVAS:1361412562310830717", "OPENVAS:1361412562310870022", "OPENVAS:1361412562310870061", "OPENVAS:1361412562310870087", "OPENVAS:1361412562310870088", "OPENVAS:1361412562310880041", "OPENVAS:1361412562310880079", "OPENVAS:1361412562310880082", "OPENVAS:1361412562310880111", "OPENVAS:1361412562310880702", "OPENVAS:1361412562310880937", "OPENVAS:61775", "OPENVAS:62843", "OPENVAS:62957", "OPENVAS:63097", "OPENVAS:63132", "OPENVAS:63250", "OPENVAS:63290", "OPENVAS:63344", "OPENVAS:63712", "OPENVAS:63752", "OPENVAS:64077", "OPENVAS:64296", "OPENVAS:65175", "OPENVAS:65259", "OPENVAS:65914", "OPENVAS:830443", "OPENVAS:830717", "OPENVAS:840224", "OPENVAS:840288", "OPENVAS:840296", "OPENVAS:850001", "OPENVAS:850005", "OPENVAS:850008", "OPENVAS:850035", "OPENVAS:850045", "OPENVAS:860598", "OPENVAS:870022", "OPENVAS:870061", "OPENVAS:870087", "OPENVAS:870088", "OPENVAS:880041", "OPENVAS:880079", "OPENVAS:880082", "OPENVAS:880111", "OPENVAS:880702", "OPENVAS:880937"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0885", "ELSA-2008-0957", "ELSA-2008-0972", "ELSA-2008-0973", "ELSA-2009-0225", "ELSA-2009-0326", "ELSA-2009-1243"]}, {"type": "osv", "idList": ["OSV:DSA-1653-1", "OSV:DSA-1681-1", "OSV:DSA-1687-1"]}, {"type": "redhat", "idList": ["RHSA-2008:0787", "RHSA-2008:0885", "RHSA-2008:0957", "RHSA-2008:0972", "RHSA-2008:0973", "RHSA-2009:0001", "RHSA-2009:0009", "RHSA-2009:0326"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20702", "SECURITYVULNS:DOC:20820", "SECURITYVULNS:DOC:28783", "SECURITYVULNS:VULN:9357", "SECURITYVULNS:VULN:9409"]}, {"type": "seebug", "idList": ["SSV:4118", "SSV:4159"]}, {"type": "suse", "idList": ["SUSE-SA:2008:047", "SUSE-SA:2008:051", "SUSE-SA:2008:052", "SUSE-SA:2008:053", "SUSE-SA:2008:056", "SUSE-SA:2008:057"]}, {"type": "ubuntu", "idList": ["USN-659-1", "USN-662-1", "USN-679-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-6716", "UB:CVE-2008-3528", "UB:CVE-2008-3833", "UB:CVE-2008-4210"]}, {"type": "veracode", "idList": ["VERACODE:23411", "VERACODE:23467", "VERACODE:23510"]}, {"type": "vmware", "idList": ["VMSA-2009-0014", "VMSA-2009-0014.3", "VMSA-2009-0016", "VMSA-2009-0016.6"]}]}, "score": {"value": -0.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2008:0885", "CESA-2008:0957", "CESA-2008:0972", "CESA-2008:0973", "CESA-2009:0001-01", "CESA-2009:0326"]}, {"type": "cve", "idList": ["CVE-2007-6716"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1687-1:1BA38"]}, {"type": "fedora", "idList": ["FEDORA:2A46A208DA7"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/SUSE-SA-2008-047/"]}, {"type": "nessus", "idList": ["SL_20081216_KERNEL_ON_SL3_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065259", "OPENVAS:830717", "OPENVAS:880937"]}, {"type": "oraclelinux", "idList": ["ELSA-2008-0885", "ELSA-2008-0957", "ELSA-2008-0972", "ELSA-2008-0973", "ELSA-2009-0225"]}, {"type": "redhat", "idList": ["RHSA-2008:0885", "RHSA-2008:0957", "RHSA-2008:0972", "RHSA-2008:0973"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:20820"]}, {"type": "seebug", "idList": ["SSV:4118"]}, {"type": "suse", "idList": ["SUSE-SA:2008:047"]}, {"type": "ubuntu", "idList": ["USN-659-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2007-6716"]}, {"type": "vmware", "idList": ["VMSA-2009-0016"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2007-6716", "epss": 0.00044, "percentile": 0.0825, "modified": "2023-05-07"}, {"cve": "CVE-2008-3528", "epss": 0.00123, "percentile": 0.45226, "modified": "2023-05-07"}, {"cve": "CVE-2008-4210", "epss": 0.00042, "percentile": 0.00487, "modified": "2023-05-07"}], "vulnersScore": -0.5}, "_state": {"dependencies": 1684423147, "score": 1684420145, "epss": 0}, "_internal": {"dependencies_hash": "6e761c35ecf55a20acdf81040166ece8", "score_hash": "15e69a71cdbde970001a12879ccf13f1"}, "pluginID": "59134", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59134);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes\nvarious bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not\n properly strip setuid and setgid bits when there is a\n write to a file, which allows local users to gain the\n privileges of a different group, and obtain sensitive\n information or possibly have unspecified other impact,\n by creating an executable file in a setgid directory\n through the (1) truncate or (2) ftruncate function in\n conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5735.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["cpe:/o:suse:suse_linux"], "solution": "Apply ZYPP patch number 5735.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vendor_cvss2": {"score": 4.7, "vector": "CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "vendor_cvss3": {"score": null, "vector": null}, "vpr": {"risk factor": "High", "score": "8.8"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2008-11-03T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": []}

{"suse": [{"lastseen": "2016-09-04T11:17:44", "description": "This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues. The released version is 2.6.16.54-0.2.12.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2008-12-03T11:07:23", "type": "suse", "title": "denial of service in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2008-12-03T11:07:23", "id": "SUSE-SA:2008:056", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00000.html", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:49:45", "description": "This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and some security problems:\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2008-10-21T11:36:32", "type": "suse", "title": "local privilege escalation in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2008-10-21T11:36:32", "id": "SUSE-SA:2008:051", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00007.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:18:19", "description": "This update of the Linux kernel for SUSE Linux Enterprise Server 9 SP4 contains various bugfixes and some security fixes.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2008-12-04T18:25:26", "type": "suse", "title": "denial of service in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-5029", "CVE-2008-4210", "CVE-2008-4395"], "modified": "2008-12-04T18:25:26", "id": "SUSE-SA:2008:057", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00001.html", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:27:16", "description": "The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs and security fixes.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2008-10-21T15:41:15", "type": "suse", "title": "remote denial of service in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-2826", "CVE-2008-3525", "CVE-2008-4576", "CVE-2008-3276", "CVE-2007-6716", "CVE-2008-2812", "CVE-2008-1673"], "modified": "2008-10-21T15:41:15", "id": "SUSE-SA:2008:052", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00008.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:13:25", "description": "The Linux kernel in the SUSE Linux Enterprise Server 9 Service Pack 4 was released to fix various bugs and also some security problems:\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2008-10-01T15:09:37", "type": "suse", "title": "remote denial of service in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-3272", "CVE-2008-0598", "CVE-2008-3525", "CVE-2007-6716", "CVE-2008-2812", "CVE-2008-1673"], "modified": "2008-10-01T15:09:37", "id": "SUSE-SA:2008:047", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:53:06", "description": "This patch updates the openSUSE 11.0 kernel to the 2.6.25.18 stable release.\n#### Solution\nThere is no known workaround, please install the update packages.", "cvss3": {}, "published": "2008-10-27T17:50:21", "type": "suse", "title": "remote denial of service in kernel", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3525", "CVE-2008-4445", "CVE-2008-4618", "CVE-2008-4113", "CVE-2008-4576", "CVE-2008-3792", "CVE-2008-4410", "CVE-2008-3911", "CVE-2008-3526"], "modified": "2008-10-27T17:50:21", "id": "SUSE-SA:2008:053", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-12-12T11:19:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2008:056", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850001", "href": "http://plugins.openvas.org/nasl.php?oid=850001", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_056.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for kernel SUSE-SA:2008:056\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It\n fixes various bugs and security issues. The released version is\n 2.6.16.54-0.2.12.\n\n Following security issues are addressed:\n\n CVE-2008-4210: fs/open.c in the Linux kernel before 2.6.22 does not\n properly strip setuid and setgid bits when there is a write to a\n file, which allows local users to gain the privileges of a different\n group, and obtain sensitive information or possibly have unspecified\n other impact, by creating an executable file in a setgid directory\n through the (1) truncate or (2) ftruncate function in conjunction\n with memory-mapped I/O.\n\n CVE-2008-3528: The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem image or partition\n that have corrupted dir->i_size and dir->i_blocks, a user performing\n either a read or write operation on the mounted image or partition\n can lead to a possible denial of service by spamming the logfile.\n\n CVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows local users\n to cause a denial of service (OOPS), as demonstrated by a certain\n fio test.\n\n All other bugfixes can be found by looking at the RPM changelog.\";\n\ntag_impact = \"denial of service\";\ntag_affected = \"kernel on SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850001);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-056\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"SuSE Update for kernel SUSE-SA:2008:056\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"LES10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.54~0.2.12\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.54~0.2.12\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.54~0.2.12\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.54~0.2.12\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.54~0.2.12\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.54~0.2.12\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.54~0.2.12\", rls:\"LES10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.54~0.2.12\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.54~0.2.12\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.54~0.2.12\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.54~0.2.12\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.54~0.2.12\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.54~0.2.12\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.54~0.2.12\", rls:\"SLESDK10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP1\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.54~0.2.12\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.54~0.2.12\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.54~0.2.12\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.54~0.2.12\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.54~0.2.12\", rls:\"SLESDk10SP1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:10", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065914", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065914", "sourceData": "#\n#VID slesp2-kernel-5668\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65914\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3528\", \"CVE-2008-1514\", \"CVE-2007-6716\", \"CVE-2008-3525\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmipae\", rpm:\"kernel-vmipae~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:51", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "SLES10: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65914", "href": "http://plugins.openvas.org/nasl.php?oid=65914", "sourceData": "#\n#VID slesp2-kernel-5668\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-kdump\n kernel-smp\n kernel-source\n kernel-syms\n kernel-vmi\n kernel-vmipae\n kernel-xen\n kernel-xenpae\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65914);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3528\", \"CVE-2008-1514\", \"CVE-2007-6716\", \"CVE-2008-3525\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-vmipae\", rpm:\"kernel-vmipae~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.60~0.31\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:37", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2008:051", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850005", "href": "http://plugins.openvas.org/nasl.php?oid=850005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_051.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for kernel SUSE-SA:2008:051\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes\n various bugs and some security problems:\n\n CVE-2008-4210: When creating a file, open()/creat() allowed the setgid\n bit to be set via the mode argument even when, due to the bsdgroups\n mount option or the file being created in a setgid directory, the new\n file's group is one which the user is not a member of. The local\n attacker could then use ftruncate() and memory-mapped I/O to turn\n the new file into an arbitrary binary and thus gain the privileges\n of this group, since these operations do not clear the setgid bit."\n\n CVE-2008-3528: The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem image or partition\n that have corrupted dir->i_size and dir->i_blocks, a user performing\n either a read or write operation on the mounted image or partition\n can lead to a possible denial of service by spamming the logfile.\n\n CVE-2008-1514: The S/390 ptrace code allowed local users to cause\n a denial of service (kernel panic) via the user-area-padding test\n from the ptrace test suite in 31-bit mode, which triggers an invalid\n dereference.\n\n CVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows local users\n to cause a denial of service (OOPS), as demonstrated by a certain\n fio test.\n\n CVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\n\n Also OCFS2 was updated to version v1.4.1-1.\n\n The full amount of changes can be reviewed in the RPM changelog.\";\n\ntag_impact = \"local privilege escalation\";\ntag_affected = \"kernel on SLE SDK 10 SP2, SUSE Linux Enterprise Desktop 10 SP2, SUSE Linux Enterprise 10 SP2 DEBUGINFO, SUSE Linux Enterprise Server 10 SP2\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850005);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-051\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"SuSE Update for kernel SUSE-SA:2008:051\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"LES10SP2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.60~0.31\", rls:\"LES10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.60~0.31\", rls:\"LES10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.60~0.31\", rls:\"LES10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.60~0.31\", rls:\"LES10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.60~0.31\", rls:\"LES10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.60~0.31\", rls:\"LES10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.60~0.31\", rls:\"LES10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDK10SP2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.60~0.31\", rls:\"SLESDK10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.60~0.31\", rls:\"SLESDK10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.60~0.31\", rls:\"SLESDK10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.60~0.31\", rls:\"SLESDK10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.60~0.31\", rls:\"SLESDK10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.16.60~0.31\", rls:\"SLESDK10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.16.60~0.31\", rls:\"SLESDK10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"SLESDk10SP2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.16.60~0.31\", rls:\"SLESDk10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.16.60~0.31\", rls:\"SLESDk10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.16.60~0.31\", rls:\"SLESDk10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.16.60~0.31\", rls:\"SLESDk10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.16.60~0.31\", rls:\"SLESDk10SP2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:09", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0972-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870088", "href": "http://plugins.openvas.org/nasl.php?oid=870088", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0972-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * a flaw was found in the Linux kernel's Direct-IO implementation. This\n could have allowed a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\n kernel, a local unprivileged user could cause a denial of service by\n reading from or writing into a padding area in the user_regs_struct32\n structure. (CVE-2008-1514, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could have allowed a local unprivileged\n user to obtain access to privileged information. (CVE-2008-4210, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel's Open Sound\n System (OSS) implementation. This deficiency could have led to an\n information leak. (CVE-2008-3272, Moderate)\n \n * a potential denial of service attack was discovered in the Linux kernel's\n PWC USB video driver. A local unprivileged user could have used this flaw\n to bring the kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n \n * the ext2 and ext3 file systems code failed to properly handle corrupted\n data structures, leading to a possible local denial of service issue when\n read or write operations were performed. (CVE-2008-3528, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * when using the CIFS "forcedirectio" option, appending to an open file on\n a CIFS share resulted in that file being overwritten with the data to be\n appended.\n \n * a kernel panic occurred when a device with PCI ID 8086:10c8 was present\n on a system with a loaded ixgbe driver.\n \n * due to an aacraid driver regression, the kernel failed to boot when trying\n to load the aacraid driver and printed the following error message:\n "aac_srb: aac_fib_send failed with status: 8195".\n \n * due to an mpt driver regression, when RAID 1 was configured on Primergy\n systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\n during boot.\n \n * the mpt driver produced a large number of extraneous debugging messages\n when performing a "Host reset" operation.\n \n * due to a regression in the sym driver, the kernel panicked when a SCSI\n hot swap was performed using MCP18 hardware.\n \n * all cores on a multi-core system now scale their frequencies in\n accordance with the policy set by t ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-November/msg00010.html\");\n script_id(870088);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0972-01\");\n script_cve_id(\"CVE-2008-3272\", \"CVE-2007-6716\", \"CVE-2007-5093\", \"CVE-2008-1514\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"RedHat Update for kernel RHSA-2008:0972-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:39", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0972 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880041", "href": "http://plugins.openvas.org/nasl.php?oid=880041", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0972 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * a flaw was found in the Linux kernel's Direct-IO implementation. This\n could have allowed a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\n kernel, a local unprivileged user could cause a denial of service by\n reading from or writing into a padding area in the user_regs_struct32\n structure. (CVE-2008-1514, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could have allowed a local unprivileged\n user to obtain access to privileged information. (CVE-2008-4210, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel's Open Sound\n System (OSS) implementation. This deficiency could have led to an\n information leak. (CVE-2008-3272, Moderate)\n \n * a potential denial of service attack was discovered in the Linux kernel's\n PWC USB video driver. A local unprivileged user could have used this flaw\n to bring the kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n \n * the ext2 and ext3 file systems code failed to properly handle corrupted\n data structures, leading to a possible local denial of service issue when\n read or write operations were performed. (CVE-2008-3528, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * when using the CIFS "forcedirectio" option, appending to an open file on\n a CIFS share resulted in that file being overwritten with the data to be\n appended.\n \n * a kernel panic occurred when a device with PCI ID 8086:10c8 was present\n on a system with a loaded ixgbe driver.\n \n * due to an aacraid driver regression, the kernel failed to boot when trying\n to load the aacraid driver and printed the following error message:\n "aac_srb: aac_fib_send failed with status: 8195".\n \n * due to an mpt driver regression, when RAID 1 was configured on Primergy\n systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\n during boot.\n \n * the mpt driver produced a large number of extraneous debugging messages\n when performing a "Host reset" operation.\n \n * due to a regression in the sym driver, the kernel panicked when a SCSI\n hot swap was performed using MCP18 hardware.\n \n * all cores on a multi-core system now scale their frequencies in\n accordance with the policy set by the system's CPU frequency governor.\n \n * the netdump subsystem suffered from several stability issues. These ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-November/015424.html\");\n script_id(880041);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0972\");\n script_cve_id(\"CVE-2008-3272\", \"CVE-2007-6716\", \"CVE-2007-5093\", \"CVE-2008-1514\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"CentOS Update for kernel CESA-2008:0972 centos4 x86_64\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:58", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0972-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870088", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870088", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0972-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * a flaw was found in the Linux kernel's Direct-IO implementation. This\n could have allowed a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\n kernel, a local unprivileged user could cause a denial of service by\n reading from or writing into a padding area in the user_regs_struct32\n structure. (CVE-2008-1514, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could have allowed a local unprivileged\n user to obtain access to privileged information. (CVE-2008-4210, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel's Open Sound\n System (OSS) implementation. This deficiency could have led to an\n information leak. (CVE-2008-3272, Moderate)\n \n * a potential denial of service attack was discovered in the Linux kernel's\n PWC USB video driver. A local unprivileged user could have used this flaw\n to bring the kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n \n * the ext2 and ext3 file systems code failed to properly handle corrupted\n data structures, leading to a possible local denial of service issue when\n read or write operations were performed. (CVE-2008-3528, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * when using the CIFS "forcedirectio" option, appending to an open file on\n a CIFS share resulted in that file being overwritten with the data to be\n appended.\n \n * a kernel panic occurred when a device with PCI ID 8086:10c8 was present\n on a system with a loaded ixgbe driver.\n \n * due to an aacraid driver regression, the kernel failed to boot when trying\n to load the aacraid driver and printed the following error message:\n "aac_srb: aac_fib_send failed with status: 8195".\n \n * due to an mpt driver regression, when RAID 1 was configured on Primergy\n systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\n during boot.\n \n * the mpt driver produced a large number of extraneous debugging messages\n when performing a "Host reset" operation.\n \n * due to a regression in the sym driver, the kernel panicked when a SCSI\n hot swap was performed using MCP18 hardware.\n \n * all cores on a multi-core system now scale their frequencies in\n accordance with the policy set by t ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-November/msg00010.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870088\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0972-01\");\n script_cve_id(\"CVE-2008-3272\", \"CVE-2007-6716\", \"CVE-2007-5093\", \"CVE-2008-1514\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"RedHat Update for kernel RHSA-2008:0972-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.8.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:34", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0972 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880111", "href": "http://plugins.openvas.org/nasl.php?oid=880111", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0972 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * a flaw was found in the Linux kernel's Direct-IO implementation. This\n could have allowed a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\n kernel, a local unprivileged user could cause a denial of service by\n reading from or writing into a padding area in the user_regs_struct32\n structure. (CVE-2008-1514, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could have allowed a local unprivileged\n user to obtain access to privileged information. (CVE-2008-4210, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel's Open Sound\n System (OSS) implementation. This deficiency could have led to an\n information leak. (CVE-2008-3272, Moderate)\n \n * a potential denial of service attack was discovered in the Linux kernel's\n PWC USB video driver. A local unprivileged user could have used this flaw\n to bring the kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n \n * the ext2 and ext3 file systems code failed to properly handle corrupted\n data structures, leading to a possible local denial of service issue when\n read or write operations were performed. (CVE-2008-3528, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * when using the CIFS "forcedirectio" option, appending to an open file on\n a CIFS share resulted in that file being overwritten with the data to be\n appended.\n \n * a kernel panic occurred when a device with PCI ID 8086:10c8 was present\n on a system with a loaded ixgbe driver.\n \n * due to an aacraid driver regression, the kernel failed to boot when trying\n to load the aacraid driver and printed the following error message:\n "aac_srb: aac_fib_send failed with status: 8195".\n \n * due to an mpt driver regression, when RAID 1 was configured on Primergy\n systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\n during boot.\n \n * the mpt driver produced a large number of extraneous debugging messages\n when performing a "Host reset" operation.\n \n * due to a regression in the sym driver, the kernel panicked when a SCSI\n hot swap was performed using MCP18 hardware.\n \n * all cores on a multi-core system now scale their frequencies in\n accordance with the policy set by the system's CPU frequency governor.\n \n * the netdump subsystem suffered from several stability issues. These ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-November/015425.html\");\n script_id(880111);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0972\");\n script_cve_id(\"CVE-2008-3272\", \"CVE-2007-6716\", \"CVE-2007-5093\", \"CVE-2008-1514\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"CentOS Update for kernel CESA-2008:0972 centos4 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:00", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0972 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880111", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880111", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0972 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * a flaw was found in the Linux kernel's Direct-IO implementation. This\n could have allowed a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\n kernel, a local unprivileged user could cause a denial of service by\n reading from or writing into a padding area in the user_regs_struct32\n structure. (CVE-2008-1514, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could have allowed a local unprivileged\n user to obtain access to privileged information. (CVE-2008-4210, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel's Open Sound\n System (OSS) implementation. This deficiency could have led to an\n information leak. (CVE-2008-3272, Moderate)\n \n * a potential denial of service attack was discovered in the Linux kernel's\n PWC USB video driver. A local unprivileged user could have used this flaw\n to bring the kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n \n * the ext2 and ext3 file systems code failed to properly handle corrupted\n data structures, leading to a possible local denial of service issue when\n read or write operations were performed. (CVE-2008-3528, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * when using the CIFS "forcedirectio" option, appending to an open file on\n a CIFS share resulted in that file being overwritten with the data to be\n appended.\n \n * a kernel panic occurred when a device with PCI ID 8086:10c8 was present\n on a system with a loaded ixgbe driver.\n \n * due to an aacraid driver regression, the kernel failed to boot when trying\n to load the aacraid driver and printed the following error message:\n "aac_srb: aac_fib_send failed with status: 8195".\n \n * due to an mpt driver regression, when RAID 1 was configured on Primergy\n systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\n during boot.\n \n * the mpt driver produced a large number of extraneous debugging messages\n when performing a "Host reset" operation.\n \n * due to a regression in the sym driver, the kernel panicked when a SCSI\n hot swap was performed using MCP18 hardware.\n \n * all cores on a multi-core system now scale their frequencies in\n accordance with the policy set by the system's CPU frequency governor.\n \n * the netdump subsystem suffered from several stability issues. These ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-November/015425.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880111\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0972\");\n script_cve_id(\"CVE-2008-3272\", \"CVE-2007-6716\", \"CVE-2007-5093\", \"CVE-2008-1514\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"CentOS Update for kernel CESA-2008:0972 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:15", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0972 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-1514", "CVE-2007-5093", "CVE-2008-4210", "CVE-2007-6716"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880041", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880041", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0972 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * a flaw was found in the Linux kernel's Direct-IO implementation. This\n could have allowed a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * when running ptrace in 31-bit mode on an IBM S/390 or IBM System z\n kernel, a local unprivileged user could cause a denial of service by\n reading from or writing into a padding area in the user_regs_struct32\n structure. (CVE-2008-1514, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could have allowed a local unprivileged\n user to obtain access to privileged information. (CVE-2008-4210, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel's Open Sound\n System (OSS) implementation. This deficiency could have led to an\n information leak. (CVE-2008-3272, Moderate)\n \n * a potential denial of service attack was discovered in the Linux kernel's\n PWC USB video driver. A local unprivileged user could have used this flaw\n to bring the kernel USB subsystem into the busy-waiting state.\n (CVE-2007-5093, Low)\n \n * the ext2 and ext3 file systems code failed to properly handle corrupted\n data structures, leading to a possible local denial of service issue when\n read or write operations were performed. (CVE-2008-3528, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * when using the CIFS "forcedirectio" option, appending to an open file on\n a CIFS share resulted in that file being overwritten with the data to be\n appended.\n \n * a kernel panic occurred when a device with PCI ID 8086:10c8 was present\n on a system with a loaded ixgbe driver.\n \n * due to an aacraid driver regression, the kernel failed to boot when trying\n to load the aacraid driver and printed the following error message:\n "aac_srb: aac_fib_send failed with status: 8195".\n \n * due to an mpt driver regression, when RAID 1 was configured on Primergy\n systems with an LSI SCSI IME 53C1020/1030 controller, the kernel panicked\n during boot.\n \n * the mpt driver produced a large number of extraneous debugging messages\n when performing a "Host reset" operation.\n \n * due to a regression in the sym driver, the kernel panicked when a SCSI\n hot swap was performed using MCP18 hardware.\n \n * all cores on a multi-core system now scale their frequencies in\n accordance with the policy set by the system's CPU frequency governor.\n \n * the netdump subsystem suffered from several stability issues. These ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-November/015424.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880041\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0972\");\n script_cve_id(\"CVE-2008-3272\", \"CVE-2007-6716\", \"CVE-2007-5093\", \"CVE-2008-1514\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n script_name( \"CentOS Update for kernel CESA-2008:0972 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~78.0.8.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:31", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5039274 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-5029", "CVE-2008-4210"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065259", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065259", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5039274.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5039274 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65259\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3528\", \"CVE-2008-5029\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.315\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:38", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5039274 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-5029", "CVE-2008-4210"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65259", "href": "http://plugins.openvas.org/nasl.php?oid=65259", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5039274.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5039274 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65259);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3528\", \"CVE-2008-5029\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.315\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:45", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1653-1.", "cvss3": {}, "published": "2008-11-01T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1653-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3276", "CVE-2008-4210", "CVE-2007-6716", "CVE-2008-4302", "CVE-2008-3833"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:61775", "href": "http://plugins.openvas.org/nasl.php?oid=61775", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1653_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1653-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2007-6716\n\nJoe Jin reported a local denial of service vulnerability that\nallows system users to trigger an oops due to an improperly\ninitialized data structure.\n\nCVE-2008-1514\n\nJan Kratochvil reported a local denial of service vulnerability in\nthe ptrace interface for the s390 architecture. Local users can\ntrigger an invalid pointer dereference, leading to a system panic.\n\nCVE-2008-3276\n\nEugene Teo reported an integer overflow in the DCCP subsystem that\nmay allow remote attackers to cause a denial of service in the\nform of a kernel panic.\n\nCVE-2008-3525\n\nEugene Teo reported a lack of capability checks in the kernel\ndriver for Granch SBNI12 leased line adapters (sbni), allowing\nlocal users to perform privileged operations.\n\nCVE-2008-3833\n\nThe S_ISUID/S_ISGID bits were not being cleared during an inode\nsplice, which, under certain conditions, can be exploited by local\nusers to obtain the privileges of a group for which they are not a\nmember. Mark Fasheh reported this issue.\n\nCVE-2008-4210\n\nDavid Watson reported an issue in the open()/creat() system calls\nwhich, under certain conditions, can be exploited by local users\nto obtain the privileges of a group for which they are not a\nmember.\n\nCVE-2008-4302\n\nA coding error in the splice subsystem allows local users to\nattempt to unlock a page structure that has not been locked,\nresulting in a system crash.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-22etch3.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1653-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201653-1\";\n\n\nif(description)\n{\n script_id(61775);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-01 01:55:10 +0100 (Sat, 01 Nov 2008)\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1653-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.18\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.18\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.18\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.18\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.18-6\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.18\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-alpha\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"fai-kernels\", ver:\"1.17+etch.22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-arm\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-hppa\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"user-mode-linux\", ver:\"2.6.18-1um-2etch.22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-i386\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-ia64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mips\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mipsel\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-powerpc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390-tape\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-s390\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-sparc\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-22etch3\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:02", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-662-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerability USN-662-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-4395"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840296", "href": "http://plugins.openvas.org/nasl.php?oid=840296", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_662_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for linux vulnerability USN-662-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the Linux kernel could be made to hang temporarily\n when mounting corrupted ext2/3 filesystems. If a user were tricked into\n mounting a specially crafted filesystem, a remote attacker could cause\n system hangs, leading to a denial of service. (CVE-2008-3528)\n\n Anders Kaseorg discovered that ndiswrapper did not correctly handle long\n ESSIDs. For a system using ndiswrapper, a physically near-by attacker\n could generate specially crafted wireless network traffic and execute\n arbitrary code with root privileges. (CVE-2008-4395)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-662-1\";\ntag_affected = \"linux vulnerability on Ubuntu 8.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-662-1/\");\n script_id(840296);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"662-1\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-4395\");\n script_name( \"Ubuntu Update for linux vulnerability USN-662-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.27-7-generic_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.27-7-server_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.27-7-generic_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.27-7-server_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.27-7-virtual_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.27_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.27-7_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.27_2.6.27-7.16\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:21", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2008:052", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3272", "CVE-2008-2826", "CVE-2008-3525", "CVE-2008-4576", "CVE-2008-3276", "CVE-2007-6716", "CVE-2008-2812", "CVE-2008-1673"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850045", "href": "http://plugins.openvas.org/nasl.php?oid=850045", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_052.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for kernel SUSE-SA:2008:052\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The openSUSE 10.3 kernel was update to 2.6.22.19. This includes bugs\n and security fixes.\n\n CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between\n SCTP AUTH availability. This might be exploited remotely for a denial\n of service (crash) attack.\n\n CVE-2008-3528: The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem image or partition\n that have corrupted dir->i_size and dir->i_blocks, a user performing\n either a read or write operation on the mounted image or partition\n can lead to a possible denial of service by spamming the logfile.\n\n CVE-2007-6716: fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows local users\n to cause a denial of service (OOPS), as demonstrated by a certain\n fio test.\n\n CVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\n CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which\n could be used to leak information from the kernel.\n\n CVE-2008-3276: An integer overflow flaw was found in the Linux kernel\n dccp_setsockopt_change() function. An attacker may leverage this\n vulnerability to trigger a kernel panic on a victim's machine remotely.\n\n CVE-2008-1673: Added range checking in ASN.1 handling for the CIFS\n and SNMP NAT netfilter modules.\n\n CVE-2008-2826: A integer overflow in SCTP was fixed, which might have\n been used by remote attackers to crash the machine or potentially\n execute code.\n\n CVE-2008-2812: Various NULL ptr checks have been added to tty op\n functions, which might have been used by local attackers to execute\n code. We think that this affects only devices openable by root,\n so the impact is limited.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"kernel on openSUSE 10.3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850045);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-052\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-2826\", \"CVE-2008-3272\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4576\");\n script_name( \"SuSE Update for kernel SUSE-SA:2008:052\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE10.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.22.19~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.22.19~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.22.19~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.22.19~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.22.19~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.22.19~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.22.19~0.1\", rls:\"openSUSE10.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:39", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for kernel MDVSA-2008:224 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-3831"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830717", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830717", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kernel MDVSA-2008:224 (kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Some vulnerabilities were discovered and corrected in the Linux\n 2.6 kernel:\n\n The error-reporting functionality in (1) fs/ext2/dir.c, (2)\n fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel\n 2.6.26.5 does not limit the number of printk console messages that\n report directory corruption, which allows physically proximate\n attackers to cause a denial of service (temporary system hang) by\n mounting a filesystem that has corrupted dir->i_size and dir->i_blocks\n values and performing (a) read or (b) write operations. NOTE:\n there are limited scenarios in which this crosses privilege\n boundaries. (CVE-2008-3528)\n \n The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel\n 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in\n OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct\n Rendering Manager (DRM) master, which allows local users to cause\n a denial of service (memory corruption) via a crafted ioctl call,\n related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the\n ioctl's configuration. (CVE-2008-3831)\n \n The do_splice_from function in fs/splice.c in the Linux kernel before\n 2.6.27 does not reject file descriptors that have the O_APPEND flag\n set, which allows local users to bypass append mode and make arbitrary\n changes to other locations in the file. (CVE-2008-4554)\n \n Additionally, a problem with TCP options ordering, which could manifest\n as connection problems with many websites (bug #43372), was solved, a\n number of fixes for Intel HDA were added, another number of fixes for\n issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and\n others, were also added. Check package changelog for more information.\n \n \n \n To update your kernel, please follow the directions located at:\n \n http://www.mandriva.com/en/security/kernelupdate\";\n\ntag_affected = \"kernel on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-11/msg00000.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830717\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:224\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3831\", \"CVE-2008-4554\");\n script_name( \"Mandriva Update for kernel MDVSA-2008:224 (kernel)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop~1mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop586~1mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~server~1mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop586-latest\", rpm:\"alsa_raoppcm-kernel-desktop586-latest~0.5.1~1.20081103.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop-latest\", rpm:\"alsa_raoppcm-kernel-desktop-latest~0.5.1~1.20081103.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-server-latest\", rpm:\"alsa_raoppcm-kernel-server-latest~0.5.1~1.20081103.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop~1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop586~1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~server~1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20081103.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20081103.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20081103.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop~1mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop586~1mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~server~1mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop586-latest\", rpm:\"et131x-kernel-desktop586-latest~1.2.3~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop-latest\", rpm:\"et131x-kernel-desktop-latest~1.2.3~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-server-latest\", rpm:\"et131x-kernel-server-latest~1.2.3~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop~1mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop586~1mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~server~1mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop586-latest\", rpm:\"fcpci-kernel-desktop586-latest~3.11.07~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop-latest\", rpm:\"fcpci-kernel-desktop-latest~3.11.07~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-server-latest\", rpm:\"fcpci-kernel-server-latest~3.11.07~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop~1mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop586~1mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~server~1mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop~1mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop586~1mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~server~1mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop586-latest\", rpm:\"gnbd-kernel-desktop586-latest~2.03.07~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop-latest\", rpm:\"gnbd-kernel-desktop-latest~2.03.07~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-server-latest\", rpm:\"gnbd-kernel-server-latest~2.03.07~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop~1mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop586~1mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~server~1mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop586-latest\", rpm:\"hcfpcimodem-kernel-desktop586-latest~1.17~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop-latest\", rpm:\"hcfpcimodem-kernel-desktop-latest~1.17~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-server-latest\", rpm:\"hcfpcimodem-kernel-server-latest~1.17~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop~1mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop586~1mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~server~1mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop586-latest\", rpm:\"hsfmodem-kernel-desktop586-latest~7.68.00.13~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop-latest\", rpm:\"hsfmodem-kernel-desktop-latest~7.68.00.13~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-server-latest\", rpm:\"hsfmodem-kernel-server-latest~7.68.00.13~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop~1mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop586~1mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~server~1mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop586-latest\", rpm:\"hso-kernel-desktop586-latest~1.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop-latest\", rpm:\"hso-kernel-desktop-latest~1.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-server-latest\", rpm:\"hso-kernel-server-latest~1.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop~1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop586~1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~server~1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586\", rpm:\"kernel-desktop586~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel\", rpm:\"kernel-desktop586-devel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server\", rpm:\"kernel-server~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel\", rpm:\"kernel-server-devel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop~1mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop586~1mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~server~1mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20081103.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20081103.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20081103.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop~1mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop586~1mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~server~1mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop586-latest\", rpm:\"lirc-kernel-desktop586-latest~0.8.3~1.20081103.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop-latest\", rpm:\"lirc-kernel-desktop-latest~0.8.3~1.20081103.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-server-latest\", rpm:\"lirc-kernel-server-latest~0.8.3~1.20081103.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop~1mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop586~1mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~server~1mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop586-latest\", rpm:\"lzma-kernel-desktop586-latest~4.43~1.20081103.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop-latest\", rpm:\"lzma-kernel-desktop-latest~4.43~1.20081103.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-server-latest\", rpm:\"lzma-kernel-server-latest~4.43~1.20081103.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop~1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop586~1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~server~1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20081103.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20081103.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20081103.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop~1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop586~1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop~1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop586~1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~server~1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop~1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop586~1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~server~1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop~1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop586~1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~server~1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20081103.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20081103.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20081103.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop~1mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop586~1mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~server~1mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop586-latest\", rpm:\"omfs-kernel-desktop586-latest~0.8.0~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop-latest\", rpm:\"omfs-kernel-desktop-latest~0.8.0~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-server-latest\", rpm:\"omfs-kernel-server-latest~0.8.0~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop~1mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop586~1mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~server~1mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop586-latest-20080513\", rpm:\"omnibook-kernel-desktop586-latest-20080513~1.20081103.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop-latest-20080513\", rpm:\"omnibook-kernel-desktop-latest-20080513~1.20081103.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-server-latest-20080513\", rpm:\"omnibook-kernel-server-latest-20080513~1.20081103.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop~1mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop586~1mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~server~1mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop586-latest\", rpm:\"opencbm-kernel-desktop586-latest~0.4.2a~1.20081103.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop-latest\", rpm:\"opencbm-kernel-desktop-latest~0.4.2a~1.20081103.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-server-latest\", rpm:\"opencbm-kernel-server-latest~0.4.2a~1.20081103.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop~1mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop586~1mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~server~1mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop586-latest\", rpm:\"ov51x-jpeg-kernel-desktop586-latest~1.5.8~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop-latest\", rpm:\"ov51x-jpeg-kernel-desktop-latest~1.5.8~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-server-latest\", rpm:\"ov51x-jpeg-kernel-server-latest~1.5.8~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop~1mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop586~1mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~server~1mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop586-latest\", rpm:\"qc-usb-kernel-desktop586-latest~0.6.6~1.20081103.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop-latest\", rpm:\"qc-usb-kernel-desktop-latest~0.6.6~1.20081103.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-server-latest\", rpm:\"qc-usb-kernel-server-latest~0.6.6~1.20081103.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop~1mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop586~1mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~server~1mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop586-latest\", rpm:\"rt2860-kernel-desktop586-latest~1.7.0.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop-latest\", rpm:\"rt2860-kernel-desktop-latest~1.7.0.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-server-latest\", rpm:\"rt2860-kernel-server-latest~1.7.0.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop~1mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop586~1mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~server~1mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop586-latest\", rpm:\"rt2870-kernel-desktop586-latest~1.3.1.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop-latest\", rpm:\"rt2870-kernel-desktop-latest~1.3.1.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-server-latest\", rpm:\"rt2870-kernel-server-latest~1.3.1.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop~1mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop586~1mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~server~1mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop586-latest\", rpm:\"rtl8187se-kernel-desktop586-latest~1016.20080716~1.20081103.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop-latest\", rpm:\"rtl8187se-kernel-desktop-latest~1016.20080716~1.20081103.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-server-latest\", rpm:\"rtl8187se-kernel-server-latest~1016.20080716~1.20081103.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop~1mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop586~1mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~server~1mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop586-latest\", rpm:\"slmodem-kernel-desktop586-latest~2.9.11~1.20081103.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop-latest\", rpm:\"slmodem-kernel-desktop-latest~2.9.11~1.20081103.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-server-latest\", rpm:\"slmodem-kernel-server-latest~2.9.11~1.20081103.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop~1mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop586~1mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~server~1mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop586-latest\", rpm:\"squashfs-lzma-kernel-desktop586-latest~3.3~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop-latest\", rpm:\"squashfs-lzma-kernel-desktop-latest~3.3~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-server-latest\", rpm:\"squashfs-lzma-kernel-server-latest~3.3~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop~1mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop586~1mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~server~1mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop586-latest\", rpm:\"tp_smapi-kernel-desktop586-latest~0.37~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop-latest\", rpm:\"tp_smapi-kernel-desktop-latest~0.37~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-server-latest\", rpm:\"tp_smapi-kernel-server-latest~0.37~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop586~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~server~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop586-latest\", rpm:\"vboxadd-kernel-desktop586-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop-latest\", rpm:\"vboxadd-kernel-desktop-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-server-latest\", rpm:\"vboxadd-kernel-server-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop586~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~server~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop586-latest\", rpm:\"vboxvfs-kernel-desktop586-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop-latest\", rpm:\"vboxvfs-kernel-desktop-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-server-latest\", rpm:\"vboxvfs-kernel-server-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop~1mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop586~1mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~server~1mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop586-latest\", rpm:\"vhba-kernel-desktop586-latest~1.0.0~1.20081103.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop-latest\", rpm:\"vhba-kernel-desktop-latest~1.0.0~1.20081103.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-server-latest\", rpm:\"vhba-kernel-server-latest~1.0.0~1.20081103.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop586~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~server~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop586-latest\", rpm:\"virtualbox-kernel-desktop586-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop-latest\", rpm:\"virtualbox-kernel-desktop-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-server-latest\", rpm:\"virtualbox-kernel-server-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop~1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop586~1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~server~1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~server~1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-server-latest\", rpm:\"nvidia173-kernel-server-latest~173.14.12~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:02", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for kernel MDVSA-2008:224-1 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-3831"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830443", "href": "http://plugins.openvas.org/nasl.php?oid=830443", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kernel MDVSA-2008:224-1 (kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Some vulnerabilities were discovered and corrected in the Linux\n 2.6 kernel:\n\n The error-reporting functionality in (1) fs/ext2/dir.c, (2)\n fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel\n 2.6.26.5 does not limit the number of printk console messages that\n report directory corruption, which allows physically proximate\n attackers to cause a denial of service (temporary system hang) by\n mounting a filesystem that has corrupted dir->i_size and dir->i_blocks\n values and performing (a) read or (b) write operations. NOTE:\n there are limited scenarios in which this crosses privilege\n boundaries. (CVE-2008-3528)\n \n The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel\n 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in\n OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct\n Rendering Manager (DRM) master, which allows local users to cause\n a denial of service (memory corruption) via a crafted ioctl call,\n related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the\n ioctl's configuration. (CVE-2008-3831)\n \n The do_splice_from function in fs/splice.c in the Linux kernel before\n 2.6.27 does not reject file descriptors that have the O_APPEND flag\n set, which allows local users to bypass append mode and make arbitrary\n changes to other locations in the file. (CVE-2008-4554)\n \n Additionally, a problem with TCP options ordering, which could manifest\n as connection problems with many websites (bug #43372), was solved, a\n number of fixes for Intel HDA were added, another number of fixes for\n issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and\n others, were also added. Check package changelog for more information.\n \n \n \n To update your kernel, please follow the directions located at:\n \n http://www.mandriva.com/en/security/kernelupdate\n \n Update:\n \n The previous update included a patch which introduced a bug that would\n make the boot process to stop halfway in several machines. That patch\n has been removed in this new update, to avoid that problem.\";\n\ntag_affected = \"kernel on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-11/msg00003.php\");\n script_id(830443);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:224-1\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3831\", \"CVE-2008-4554\");\n script_name( \"Mandriva Update for kernel MDVSA-2008:224-1 (kernel)\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop~2mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop586~2mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~server~2mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop586-latest\", rpm:\"alsa_raoppcm-kernel-desktop586-latest~0.5.1~1.20081106.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop-latest\", rpm:\"alsa_raoppcm-kernel-desktop-latest~0.5.1~1.20081106.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-server-latest\", rpm:\"alsa_raoppcm-kernel-server-latest~0.5.1~1.20081106.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop586~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~server~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20081106.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20081106.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20081106.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop~2mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop586~2mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~server~2mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop586-latest\", rpm:\"et131x-kernel-desktop586-latest~1.2.3~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop-latest\", rpm:\"et131x-kernel-desktop-latest~1.2.3~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-server-latest\", rpm:\"et131x-kernel-server-latest~1.2.3~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop~2mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop586~2mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~server~2mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop586-latest\", rpm:\"fcpci-kernel-desktop586-latest~3.11.07~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop-latest\", rpm:\"fcpci-kernel-desktop-latest~3.11.07~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-server-latest\", rpm:\"fcpci-kernel-server-latest~3.11.07~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop586~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~server~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop~2mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop586~2mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~server~2mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop586-latest\", rpm:\"gnbd-kernel-desktop586-latest~2.03.07~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop-latest\", rpm:\"gnbd-kernel-desktop-latest~2.03.07~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-server-latest\", rpm:\"gnbd-kernel-server-latest~2.03.07~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop~2mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop586~2mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~server~2mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop586-latest\", rpm:\"hcfpcimodem-kernel-desktop586-latest~1.17~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop-latest\", rpm:\"hcfpcimodem-kernel-desktop-latest~1.17~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-server-latest\", rpm:\"hcfpcimodem-kernel-server-latest~1.17~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop~2mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop586~2mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~server~2mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop586-latest\", rpm:\"hsfmodem-kernel-desktop586-latest~7.68.00.13~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop-latest\", rpm:\"hsfmodem-kernel-desktop-latest~7.68.00.13~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-server-latest\", rpm:\"hsfmodem-kernel-server-latest~7.68.00.13~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop~2mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop586~2mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~server~2mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop586-latest\", rpm:\"hso-kernel-desktop586-latest~1.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop-latest\", rpm:\"hso-kernel-desktop-latest~1.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-server-latest\", rpm:\"hso-kernel-server-latest~1.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop~2mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop586~2mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~server~2mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586\", rpm:\"kernel-desktop586~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel\", rpm:\"kernel-desktop586-devel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server\", rpm:\"kernel-server~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel\", rpm:\"kernel-server-devel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop~2mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop586~2mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~server~2mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20081106.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20081106.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20081106.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop~2mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop586~2mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~server~2mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop586-latest\", rpm:\"lirc-kernel-desktop586-latest~0.8.3~1.20081106.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop-latest\", rpm:\"lirc-kernel-desktop-latest~0.8.3~1.20081106.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-server-latest\", rpm:\"lirc-kernel-server-latest~0.8.3~1.20081106.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop~2mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop586~2mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~server~2mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop586-latest\", rpm:\"lzma-kernel-desktop586-latest~4.43~1.20081106.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop-latest\", rpm:\"lzma-kernel-desktop-latest~4.43~1.20081106.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-server-latest\", rpm:\"lzma-kernel-server-latest~4.43~1.20081106.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop586~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~server~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20081106.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20081106.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20081106.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop586~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop586~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~server~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop586~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~server~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop586~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~server~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20081106.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20081106.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20081106.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop~2mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop586~2mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~server~2mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop586-latest\", rpm:\"omfs-kernel-desktop586-latest~0.8.0~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop-latest\", rpm:\"omfs-kernel-desktop-latest~0.8.0~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-server-latest\", rpm:\"omfs-kernel-server-latest~0.8.0~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop~2mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop586~2mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~server~2mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop586-latest-20080513\", rpm:\"omnibook-kernel-desktop586-latest-20080513~1.20081106.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop-latest-20080513\", rpm:\"omnibook-kernel-desktop-latest-20080513~1.20081106.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-server-latest-20080513\", rpm:\"omnibook-kernel-server-latest-20080513~1.20081106.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop~2mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop586~2mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~server~2mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop586-latest\", rpm:\"opencbm-kernel-desktop586-latest~0.4.2a~1.20081106.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop-latest\", rpm:\"opencbm-kernel-desktop-latest~0.4.2a~1.20081106.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-server-latest\", rpm:\"opencbm-kernel-server-latest~0.4.2a~1.20081106.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop~2mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop586~2mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~server~2mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop586-latest\", rpm:\"ov51x-jpeg-kernel-desktop586-latest~1.5.8~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop-latest\", rpm:\"ov51x-jpeg-kernel-desktop-latest~1.5.8~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-server-latest\", rpm:\"ov51x-jpeg-kernel-server-latest~1.5.8~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop~2mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop586~2mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~server~2mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop586-latest\", rpm:\"qc-usb-kernel-desktop586-latest~0.6.6~1.20081106.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop-latest\", rpm:\"qc-usb-kernel-desktop-latest~0.6.6~1.20081106.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-server-latest\", rpm:\"qc-usb-kernel-server-latest~0.6.6~1.20081106.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop~2mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop586~2mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~server~2mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop586-latest\", rpm:\"rt2860-kernel-desktop586-latest~1.7.0.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop-latest\", rpm:\"rt2860-kernel-desktop-latest~1.7.0.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-server-latest\", rpm:\"rt2860-kernel-server-latest~1.7.0.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop~2mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop586~2mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~server~2mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop586-latest\", rpm:\"rt2870-kernel-desktop586-latest~1.3.1.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop-latest\", rpm:\"rt2870-kernel-desktop-latest~1.3.1.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-server-latest\", rpm:\"rt2870-kernel-server-latest~1.3.1.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop~2mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop586~2mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~server~2mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop586-latest\", rpm:\"rtl8187se-kernel-desktop586-latest~1016.20080716~1.20081106.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop-latest\", rpm:\"rtl8187se-kernel-desktop-latest~1016.20080716~1.20081106.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-server-latest\", rpm:\"rtl8187se-kernel-server-latest~1016.20080716~1.20081106.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop~2mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop586~2mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~server~2mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop586-latest\", rpm:\"slmodem-kernel-desktop586-latest~2.9.11~1.20081106.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop-latest\", rpm:\"slmodem-kernel-desktop-latest~2.9.11~1.20081106.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-server-latest\", rpm:\"slmodem-kernel-server-latest~2.9.11~1.20081106.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop~2mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop586~2mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~server~2mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop586-latest\", rpm:\"squashfs-lzma-kernel-desktop586-latest~3.3~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop-latest\", rpm:\"squashfs-lzma-kernel-desktop-latest~3.3~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-server-latest\", rpm:\"squashfs-lzma-kernel-server-latest~3.3~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop~2mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop586~2mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~server~2mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop586-latest\", rpm:\"tp_smapi-kernel-desktop586-latest~0.37~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop-latest\", rpm:\"tp_smapi-kernel-desktop-latest~0.37~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-server-latest\", rpm:\"tp_smapi-kernel-server-latest~0.37~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop586~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~server~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop586-latest\", rpm:\"vboxadd-kernel-desktop586-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop-latest\", rpm:\"vboxadd-kernel-desktop-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-server-latest\", rpm:\"vboxadd-kernel-server-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop586~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~server~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop586-latest\", rpm:\"vboxvfs-kernel-desktop586-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop-latest\", rpm:\"vboxvfs-kernel-desktop-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-server-latest\", rpm:\"vboxvfs-kernel-server-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop~2mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop586~2mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~server~2mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop586-latest\", rpm:\"vhba-kernel-desktop586-latest~1.0.0~1.20081106.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop-latest\", rpm:\"vhba-kernel-desktop-latest~1.0.0~1.20081106.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-server-latest\", rpm:\"vhba-kernel-server-latest~1.0.0~1.20081106.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop586~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~server~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop586-latest\", rpm:\"virtualbox-kernel-desktop586-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop-latest\", rpm:\"virtualbox-kernel-desktop-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-server-latest\", rpm:\"virtualbox-kernel-server-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop586~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~server~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~server~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-server-latest\", rpm:\"nvidia173-kernel-server-latest~173.14.12~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:32", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for kernel MDVSA-2008:224-1 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-3831"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310830443", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830443", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kernel MDVSA-2008:224-1 (kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Some vulnerabilities were discovered and corrected in the Linux\n 2.6 kernel:\n\n The error-reporting functionality in (1) fs/ext2/dir.c, (2)\n fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel\n 2.6.26.5 does not limit the number of printk console messages that\n report directory corruption, which allows physically proximate\n attackers to cause a denial of service (temporary system hang) by\n mounting a filesystem that has corrupted dir->i_size and dir->i_blocks\n values and performing (a) read or (b) write operations. NOTE:\n there are limited scenarios in which this crosses privilege\n boundaries. (CVE-2008-3528)\n \n The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel\n 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in\n OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct\n Rendering Manager (DRM) master, which allows local users to cause\n a denial of service (memory corruption) via a crafted ioctl call,\n related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the\n ioctl's configuration. (CVE-2008-3831)\n \n The do_splice_from function in fs/splice.c in the Linux kernel before\n 2.6.27 does not reject file descriptors that have the O_APPEND flag\n set, which allows local users to bypass append mode and make arbitrary\n changes to other locations in the file. (CVE-2008-4554)\n \n Additionally, a problem with TCP options ordering, which could manifest\n as connection problems with many websites (bug #43372), was solved, a\n number of fixes for Intel HDA were added, another number of fixes for\n issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and\n others, were also added. Check package changelog for more information.\n \n \n \n To update your kernel, please follow the directions located at:\n \n http://www.mandriva.com/en/security/kernelupdate\n \n Update:\n \n The previous update included a patch which introduced a bug that would\n make the boot process to stop halfway in several machines. That patch\n has been removed in this new update, to avoid that problem.\";\n\ntag_affected = \"kernel on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-11/msg00003.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830443\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:18:58 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:224-1\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3831\", \"CVE-2008-4554\");\n script_name( \"Mandriva Update for kernel MDVSA-2008:224-1 (kernel)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop~2mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop586~2mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~server~2mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop586-latest\", rpm:\"alsa_raoppcm-kernel-desktop586-latest~0.5.1~1.20081106.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop-latest\", rpm:\"alsa_raoppcm-kernel-desktop-latest~0.5.1~1.20081106.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-server-latest\", rpm:\"alsa_raoppcm-kernel-server-latest~0.5.1~1.20081106.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop586~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~server~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20081106.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20081106.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20081106.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop~2mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop586~2mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~server~2mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop586-latest\", rpm:\"et131x-kernel-desktop586-latest~1.2.3~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop-latest\", rpm:\"et131x-kernel-desktop-latest~1.2.3~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-server-latest\", rpm:\"et131x-kernel-server-latest~1.2.3~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop~2mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop586~2mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~server~2mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop586-latest\", rpm:\"fcpci-kernel-desktop586-latest~3.11.07~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop-latest\", rpm:\"fcpci-kernel-desktop-latest~3.11.07~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-server-latest\", rpm:\"fcpci-kernel-server-latest~3.11.07~1.20081106.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop586~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~server~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop~2mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop586~2mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~server~2mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop586-latest\", rpm:\"gnbd-kernel-desktop586-latest~2.03.07~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop-latest\", rpm:\"gnbd-kernel-desktop-latest~2.03.07~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-server-latest\", rpm:\"gnbd-kernel-server-latest~2.03.07~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop~2mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop586~2mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~server~2mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop586-latest\", rpm:\"hcfpcimodem-kernel-desktop586-latest~1.17~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop-latest\", rpm:\"hcfpcimodem-kernel-desktop-latest~1.17~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-server-latest\", rpm:\"hcfpcimodem-kernel-server-latest~1.17~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop~2mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop586~2mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~server~2mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop586-latest\", rpm:\"hsfmodem-kernel-desktop586-latest~7.68.00.13~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop-latest\", rpm:\"hsfmodem-kernel-desktop-latest~7.68.00.13~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-server-latest\", rpm:\"hsfmodem-kernel-server-latest~7.68.00.13~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop~2mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop586~2mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~server~2mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop586-latest\", rpm:\"hso-kernel-desktop586-latest~1.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop-latest\", rpm:\"hso-kernel-desktop-latest~1.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-server-latest\", rpm:\"hso-kernel-server-latest~1.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop~2mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop586~2mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~server~2mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586\", rpm:\"kernel-desktop586~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel\", rpm:\"kernel-desktop586-devel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server\", rpm:\"kernel-server~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel\", rpm:\"kernel-server-devel~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.4~2mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop~2mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop586~2mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~server~2mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20081106.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20081106.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20081106.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop~2mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop586~2mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~server~2mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop586-latest\", rpm:\"lirc-kernel-desktop586-latest~0.8.3~1.20081106.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop-latest\", rpm:\"lirc-kernel-desktop-latest~0.8.3~1.20081106.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-server-latest\", rpm:\"lirc-kernel-server-latest~0.8.3~1.20081106.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop~2mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop586~2mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~server~2mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop586-latest\", rpm:\"lzma-kernel-desktop586-latest~4.43~1.20081106.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop-latest\", rpm:\"lzma-kernel-desktop-latest~4.43~1.20081106.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-server-latest\", rpm:\"lzma-kernel-server-latest~4.43~1.20081106.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop586~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~server~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20081106.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20081106.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20081106.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop586~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop586~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~server~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop586~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~server~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop586~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~server~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20081106.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20081106.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20081106.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop~2mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop586~2mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~server~2mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop586-latest\", rpm:\"omfs-kernel-desktop586-latest~0.8.0~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop-latest\", rpm:\"omfs-kernel-desktop-latest~0.8.0~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-server-latest\", rpm:\"omfs-kernel-server-latest~0.8.0~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop~2mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop586~2mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~server~2mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop586-latest-20080513\", rpm:\"omnibook-kernel-desktop586-latest-20080513~1.20081106.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop-latest-20080513\", rpm:\"omnibook-kernel-desktop-latest-20080513~1.20081106.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-server-latest-20080513\", rpm:\"omnibook-kernel-server-latest-20080513~1.20081106.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop~2mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop586~2mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~server~2mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop586-latest\", rpm:\"opencbm-kernel-desktop586-latest~0.4.2a~1.20081106.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop-latest\", rpm:\"opencbm-kernel-desktop-latest~0.4.2a~1.20081106.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-server-latest\", rpm:\"opencbm-kernel-server-latest~0.4.2a~1.20081106.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop~2mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop586~2mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~server~2mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop586-latest\", rpm:\"ov51x-jpeg-kernel-desktop586-latest~1.5.8~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop-latest\", rpm:\"ov51x-jpeg-kernel-desktop-latest~1.5.8~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-server-latest\", rpm:\"ov51x-jpeg-kernel-server-latest~1.5.8~1.20081106.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop~2mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop586~2mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~server~2mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop586-latest\", rpm:\"qc-usb-kernel-desktop586-latest~0.6.6~1.20081106.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop-latest\", rpm:\"qc-usb-kernel-desktop-latest~0.6.6~1.20081106.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-server-latest\", rpm:\"qc-usb-kernel-server-latest~0.6.6~1.20081106.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop~2mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop586~2mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~server~2mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop586-latest\", rpm:\"rt2860-kernel-desktop586-latest~1.7.0.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop-latest\", rpm:\"rt2860-kernel-desktop-latest~1.7.0.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-server-latest\", rpm:\"rt2860-kernel-server-latest~1.7.0.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop~2mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop586~2mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~server~2mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop586-latest\", rpm:\"rt2870-kernel-desktop586-latest~1.3.1.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop-latest\", rpm:\"rt2870-kernel-desktop-latest~1.3.1.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-server-latest\", rpm:\"rt2870-kernel-server-latest~1.3.1.0~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop~2mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop586~2mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~server~2mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop586-latest\", rpm:\"rtl8187se-kernel-desktop586-latest~1016.20080716~1.20081106.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop-latest\", rpm:\"rtl8187se-kernel-desktop-latest~1016.20080716~1.20081106.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-server-latest\", rpm:\"rtl8187se-kernel-server-latest~1016.20080716~1.20081106.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop~2mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop586~2mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~server~2mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop586-latest\", rpm:\"slmodem-kernel-desktop586-latest~2.9.11~1.20081106.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop-latest\", rpm:\"slmodem-kernel-desktop-latest~2.9.11~1.20081106.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-server-latest\", rpm:\"slmodem-kernel-server-latest~2.9.11~1.20081106.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop~2mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop586~2mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~server~2mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop586-latest\", rpm:\"squashfs-lzma-kernel-desktop586-latest~3.3~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop-latest\", rpm:\"squashfs-lzma-kernel-desktop-latest~3.3~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-server-latest\", rpm:\"squashfs-lzma-kernel-server-latest~3.3~1.20081106.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop~2mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop586~2mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~server~2mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop586-latest\", rpm:\"tp_smapi-kernel-desktop586-latest~0.37~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop-latest\", rpm:\"tp_smapi-kernel-desktop-latest~0.37~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-server-latest\", rpm:\"tp_smapi-kernel-server-latest~0.37~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop586~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~server~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop586-latest\", rpm:\"vboxadd-kernel-desktop586-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop-latest\", rpm:\"vboxadd-kernel-desktop-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-server-latest\", rpm:\"vboxadd-kernel-server-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop586~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~server~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop586-latest\", rpm:\"vboxvfs-kernel-desktop586-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop-latest\", rpm:\"vboxvfs-kernel-desktop-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-server-latest\", rpm:\"vboxvfs-kernel-server-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop~2mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop586~2mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~server~2mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop586-latest\", rpm:\"vhba-kernel-desktop586-latest~1.0.0~1.20081106.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop-latest\", rpm:\"vhba-kernel-desktop-latest~1.0.0~1.20081106.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-server-latest\", rpm:\"vhba-kernel-server-latest~1.0.0~1.20081106.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop586~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~server~2mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop586-latest\", rpm:\"virtualbox-kernel-desktop586-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop-latest\", rpm:\"virtualbox-kernel-desktop-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-server-latest\", rpm:\"virtualbox-kernel-server-latest~2.0.2~1.20081106.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop586~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~server~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20081106.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~2mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~server~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-server-latest\", rpm:\"nvidia173-kernel-server-latest~173.14.12~1.20081106.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:49", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-04-09T00:00:00", "type": "openvas", "title": "Mandriva Update for kernel MDVSA-2008:224 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-3831"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:830717", "href": "http://plugins.openvas.org/nasl.php?oid=830717", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kernel MDVSA-2008:224 (kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Some vulnerabilities were discovered and corrected in the Linux\n 2.6 kernel:\n\n The error-reporting functionality in (1) fs/ext2/dir.c, (2)\n fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel\n 2.6.26.5 does not limit the number of printk console messages that\n report directory corruption, which allows physically proximate\n attackers to cause a denial of service (temporary system hang) by\n mounting a filesystem that has corrupted dir->i_size and dir->i_blocks\n values and performing (a) read or (b) write operations. NOTE:\n there are limited scenarios in which this crosses privilege\n boundaries. (CVE-2008-3528)\n \n The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel\n 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in\n OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct\n Rendering Manager (DRM) master, which allows local users to cause\n a denial of service (memory corruption) via a crafted ioctl call,\n related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the\n ioctl's configuration. (CVE-2008-3831)\n \n The do_splice_from function in fs/splice.c in the Linux kernel before\n 2.6.27 does not reject file descriptors that have the O_APPEND flag\n set, which allows local users to bypass append mode and make arbitrary\n changes to other locations in the file. (CVE-2008-4554)\n \n Additionally, a problem with TCP options ordering, which could manifest\n as connection problems with many websites (bug #43372), was solved, a\n number of fixes for Intel HDA were added, another number of fixes for\n issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and\n others, were also added. Check package changelog for more information.\n \n \n \n To update your kernel, please follow the directions located at:\n \n http://www.mandriva.com/en/security/kernelupdate\";\n\ntag_affected = \"kernel on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2008-11/msg00000.php\");\n script_id(830717);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"MDVSA\", value: \"2008:224\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3831\", \"CVE-2008-4554\");\n script_name( \"Mandriva Update for kernel MDVSA-2008:224 (kernel)\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop~1mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~desktop586~1mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel\", rpm:\"alsa_raoppcm-kernel~2.6.27.4~server~1mnb~0.5.1~2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop586-latest\", rpm:\"alsa_raoppcm-kernel-desktop586-latest~0.5.1~1.20081103.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-desktop-latest\", rpm:\"alsa_raoppcm-kernel-desktop-latest~0.5.1~1.20081103.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"alsa_raoppcm-kernel-server-latest\", rpm:\"alsa_raoppcm-kernel-server-latest~0.5.1~1.20081103.2mdv2008.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop~1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~desktop586~1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel\", rpm:\"drm-experimental-kernel~2.6.27.4~server~1mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20081103.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20081103.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20081103.2.20080912.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop~1mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~desktop586~1mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel\", rpm:\"et131x-kernel~2.6.27.4~server~1mnb~1.2.3~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop586-latest\", rpm:\"et131x-kernel-desktop586-latest~1.2.3~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-desktop-latest\", rpm:\"et131x-kernel-desktop-latest~1.2.3~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"et131x-kernel-server-latest\", rpm:\"et131x-kernel-server-latest~1.2.3~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop~1mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~desktop586~1mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel\", rpm:\"fcpci-kernel~2.6.27.4~server~1mnb~3.11.07~7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop586-latest\", rpm:\"fcpci-kernel-desktop586-latest~3.11.07~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-desktop-latest\", rpm:\"fcpci-kernel-desktop-latest~3.11.07~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fcpci-kernel-server-latest\", rpm:\"fcpci-kernel-server-latest~3.11.07~1.20081103.7mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop~1mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~desktop586~1mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel\", rpm:\"fglrx-kernel~2.6.27.4~server~1mnb~8.522~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop~1mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~desktop586~1mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel\", rpm:\"gnbd-kernel~2.6.27.4~server~1mnb~2.03.07~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop586-latest\", rpm:\"gnbd-kernel-desktop586-latest~2.03.07~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-desktop-latest\", rpm:\"gnbd-kernel-desktop-latest~2.03.07~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"gnbd-kernel-server-latest\", rpm:\"gnbd-kernel-server-latest~2.03.07~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop~1mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~desktop586~1mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel\", rpm:\"hcfpcimodem-kernel~2.6.27.4~server~1mnb~1.17~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop586-latest\", rpm:\"hcfpcimodem-kernel-desktop586-latest~1.17~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-desktop-latest\", rpm:\"hcfpcimodem-kernel-desktop-latest~1.17~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hcfpcimodem-kernel-server-latest\", rpm:\"hcfpcimodem-kernel-server-latest~1.17~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop~1mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~desktop586~1mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel\", rpm:\"hsfmodem-kernel~2.6.27.4~server~1mnb~7.68.00.13~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop586-latest\", rpm:\"hsfmodem-kernel-desktop586-latest~7.68.00.13~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-desktop-latest\", rpm:\"hsfmodem-kernel-desktop-latest~7.68.00.13~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hsfmodem-kernel-server-latest\", rpm:\"hsfmodem-kernel-server-latest~7.68.00.13~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop~1mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~desktop586~1mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel\", rpm:\"hso-kernel~2.6.27.4~server~1mnb~1.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop586-latest\", rpm:\"hso-kernel-desktop586-latest~1.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-desktop-latest\", rpm:\"hso-kernel-desktop-latest~1.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"hso-kernel-server-latest\", rpm:\"hso-kernel-server-latest~1.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop~1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~desktop586~1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel\", rpm:\"iscsitarget-kernel~2.6.27.4~server~1mnb~0.4.16~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586\", rpm:\"kernel-desktop586~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel\", rpm:\"kernel-desktop586-devel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server\", rpm:\"kernel-server~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel\", rpm:\"kernel-server-devel~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.4~1mnb~1~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop~1mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~desktop586~1mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.4~server~1mnb~1.4.0pre1~0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20081103.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20081103.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20081103.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop~1mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~desktop586~1mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel\", rpm:\"lirc-kernel~2.6.27.4~server~1mnb~0.8.3~4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop586-latest\", rpm:\"lirc-kernel-desktop586-latest~0.8.3~1.20081103.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-desktop-latest\", rpm:\"lirc-kernel-desktop-latest~0.8.3~1.20081103.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lirc-kernel-server-latest\", rpm:\"lirc-kernel-server-latest~0.8.3~1.20081103.4.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop~1mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~desktop586~1mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel\", rpm:\"lzma-kernel~2.6.27.4~server~1mnb~4.43~24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop586-latest\", rpm:\"lzma-kernel-desktop586-latest~4.43~1.20081103.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-desktop-latest\", rpm:\"lzma-kernel-desktop-latest~4.43~1.20081103.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lzma-kernel-server-latest\", rpm:\"lzma-kernel-server-latest~4.43~1.20081103.24mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop~1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~desktop586~1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel\", rpm:\"madwifi-kernel~2.6.27.4~server~1mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20081103.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20081103.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20081103.3.r3835mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop~1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~desktop586~1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop~1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~desktop586~1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel\", rpm:\"nvidia71xx-kernel~2.6.27.4~server~1mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop~1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~desktop586~1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel\", rpm:\"nvidia96xx-kernel~2.6.27.4~server~1mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop~1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~desktop586~1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel\", rpm:\"nvidia-current-kernel~2.6.27.4~server~1mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20081103.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20081103.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20081103.2.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop~1mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~desktop586~1mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel\", rpm:\"omfs-kernel~2.6.27.4~server~1mnb~0.8.0~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop586-latest\", rpm:\"omfs-kernel-desktop586-latest~0.8.0~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-desktop-latest\", rpm:\"omfs-kernel-desktop-latest~0.8.0~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omfs-kernel-server-latest\", rpm:\"omfs-kernel-server-latest~0.8.0~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop~1mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~desktop586~1mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel\", rpm:\"omnibook-kernel~2.6.27.4~server~1mnb~20080513~0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop586-latest-20080513\", rpm:\"omnibook-kernel-desktop586-latest-20080513~1.20081103.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-desktop-latest-20080513\", rpm:\"omnibook-kernel-desktop-latest-20080513~1.20081103.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"omnibook-kernel-server-latest-20080513\", rpm:\"omnibook-kernel-server-latest-20080513~1.20081103.0.274.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop~1mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~desktop586~1mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel\", rpm:\"opencbm-kernel~2.6.27.4~server~1mnb~0.4.2a~1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop586-latest\", rpm:\"opencbm-kernel-desktop586-latest~0.4.2a~1.20081103.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-desktop-latest\", rpm:\"opencbm-kernel-desktop-latest~0.4.2a~1.20081103.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opencbm-kernel-server-latest\", rpm:\"opencbm-kernel-server-latest~0.4.2a~1.20081103.1mdv2008.1\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop~1mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~desktop586~1mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel\", rpm:\"ov51x-jpeg-kernel~2.6.27.4~server~1mnb~1.5.8~1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop586-latest\", rpm:\"ov51x-jpeg-kernel-desktop586-latest~1.5.8~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-desktop-latest\", rpm:\"ov51x-jpeg-kernel-desktop-latest~1.5.8~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ov51x-jpeg-kernel-server-latest\", rpm:\"ov51x-jpeg-kernel-server-latest~1.5.8~1.20081103.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop~1mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~desktop586~1mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel\", rpm:\"qc-usb-kernel~2.6.27.4~server~1mnb~0.6.6~6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop586-latest\", rpm:\"qc-usb-kernel-desktop586-latest~0.6.6~1.20081103.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-desktop-latest\", rpm:\"qc-usb-kernel-desktop-latest~0.6.6~1.20081103.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"qc-usb-kernel-server-latest\", rpm:\"qc-usb-kernel-server-latest~0.6.6~1.20081103.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop~1mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~desktop586~1mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel\", rpm:\"rt2860-kernel~2.6.27.4~server~1mnb~1.7.0.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop586-latest\", rpm:\"rt2860-kernel-desktop586-latest~1.7.0.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-desktop-latest\", rpm:\"rt2860-kernel-desktop-latest~1.7.0.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2860-kernel-server-latest\", rpm:\"rt2860-kernel-server-latest~1.7.0.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop~1mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~desktop586~1mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel\", rpm:\"rt2870-kernel~2.6.27.4~server~1mnb~1.3.1.0~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop586-latest\", rpm:\"rt2870-kernel-desktop586-latest~1.3.1.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-desktop-latest\", rpm:\"rt2870-kernel-desktop-latest~1.3.1.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rt2870-kernel-server-latest\", rpm:\"rt2870-kernel-server-latest~1.3.1.0~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop~1mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~desktop586~1mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel\", rpm:\"rtl8187se-kernel~2.6.27.4~server~1mnb~1016.20080716~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop586-latest\", rpm:\"rtl8187se-kernel-desktop586-latest~1016.20080716~1.20081103.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-desktop-latest\", rpm:\"rtl8187se-kernel-desktop-latest~1016.20080716~1.20081103.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"rtl8187se-kernel-server-latest\", rpm:\"rtl8187se-kernel-server-latest~1016.20080716~1.20081103.1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop~1mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~desktop586~1mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel\", rpm:\"slmodem-kernel~2.6.27.4~server~1mnb~2.9.11~0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop586-latest\", rpm:\"slmodem-kernel-desktop586-latest~2.9.11~1.20081103.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-desktop-latest\", rpm:\"slmodem-kernel-desktop-latest~2.9.11~1.20081103.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"slmodem-kernel-server-latest\", rpm:\"slmodem-kernel-server-latest~2.9.11~1.20081103.0.20080817.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop~1mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~desktop586~1mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel\", rpm:\"squashfs-lzma-kernel~2.6.27.4~server~1mnb~3.3~5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop586-latest\", rpm:\"squashfs-lzma-kernel-desktop586-latest~3.3~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-desktop-latest\", rpm:\"squashfs-lzma-kernel-desktop-latest~3.3~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squashfs-lzma-kernel-server-latest\", rpm:\"squashfs-lzma-kernel-server-latest~3.3~1.20081103.5mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop~1mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~desktop586~1mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel\", rpm:\"tp_smapi-kernel~2.6.27.4~server~1mnb~0.37~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop586-latest\", rpm:\"tp_smapi-kernel-desktop586-latest~0.37~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-desktop-latest\", rpm:\"tp_smapi-kernel-desktop-latest~0.37~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tp_smapi-kernel-server-latest\", rpm:\"tp_smapi-kernel-server-latest~0.37~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~desktop586~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel\", rpm:\"vboxadd-kernel~2.6.27.4~server~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop586-latest\", rpm:\"vboxadd-kernel-desktop586-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-desktop-latest\", rpm:\"vboxadd-kernel-desktop-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxadd-kernel-server-latest\", rpm:\"vboxadd-kernel-server-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~desktop586~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel\", rpm:\"vboxvfs-kernel~2.6.27.4~server~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop586-latest\", rpm:\"vboxvfs-kernel-desktop586-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-desktop-latest\", rpm:\"vboxvfs-kernel-desktop-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vboxvfs-kernel-server-latest\", rpm:\"vboxvfs-kernel-server-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop~1mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~desktop586~1mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel\", rpm:\"vhba-kernel~2.6.27.4~server~1mnb~1.0.0~1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop586-latest\", rpm:\"vhba-kernel-desktop586-latest~1.0.0~1.20081103.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-desktop-latest\", rpm:\"vhba-kernel-desktop-latest~1.0.0~1.20081103.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vhba-kernel-server-latest\", rpm:\"vhba-kernel-server-latest~1.0.0~1.20081103.1.svn304.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~desktop586~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel\", rpm:\"virtualbox-kernel~2.6.27.4~server~1mnb~2.0.2~2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop586-latest\", rpm:\"virtualbox-kernel-desktop586-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-desktop-latest\", rpm:\"virtualbox-kernel-desktop-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"virtualbox-kernel-server-latest\", rpm:\"virtualbox-kernel-server-latest~2.0.2~1.20081103.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop~1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~desktop586~1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel\", rpm:\"vpnclient-kernel~2.6.27.4~server~1mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20081103.3mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.4~1mnb2\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.4~server~1mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-server-latest\", rpm:\"nvidia173-kernel-server-latest~173.14.12~1.20081103.4mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:04", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0885-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2008-3272", "CVE-2008-2931", "CVE-2008-3275", "CVE-2007-6716"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870087", "href": "http://plugins.openvas.org/nasl.php?oid=870087", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0885-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * a missing capability check was found in the Linux kernel do_change_type\n routine. This could allow a local unprivileged user to gain privileged\n access or cause a denial of service. (CVE-2008-2931, Important)\n \n * a flaw was found in the Linux kernel Direct-IO implementation. This could\n allow a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel Open Sound\n System (OSS) implementation. This deficiency could lead to a possible\n information leak. (CVE-2008-3272, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n * a flaw was found in the Linux kernel tmpfs implementation. This could\n allow a local unprivileged user to read sensitive information from the\n kernel. (CVE-2007-6417, Moderate)\n \n Bug fixes:\n \n * when copying a small IPoIB packet from the original skb it was received\n in to a new, smaller skb, all fields in the new skb were not initialized.\n This may have caused a kernel oops.\n \n * previously, data may have been written beyond the end of an array,\n causing memory corruption on certain systems, resulting in hypervisor\n crashes during context switching.\n \n * a kernel crash may have occurred on heavily-used Samba servers after 24\n to 48 hours of use.\n \n * under heavy memory pressure, pages may have been swapped out from under\n the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n \n * the ixgbe driver is untested, but support was advertised for the Intel\n 82598 network card. If this card was present when the ixgbe driver was\n loaded, a NULL pointer dereference and a panic occurred.\n \n * on certain systems, if multiple InfiniBand queue pairs simultaneously\n fell into an error state, an overrun may have occurred, stopping traffic.\n \n * with bridging, when forward delay was set to zero, setting an interface\n to the forwarding state was delayed by one or possibly two timers,\n depending on whether STP was enabled. This may have caused long delays in\n moving an interface to the forwarding state. This issue caused packet loss\n when migrating virtual machines, preventing them from being migrated\n without interrupting applications.\n \n * on certain multinode systems, IPMI device nodes ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-September/msg00013.html\");\n script_id(870087);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0885-01\");\n script_cve_id(\"CVE-2008-2931\", \"CVE-2008-3275\", \"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-3272\");\n script_name( \"RedHat Update for kernel RHSA-2008:0885-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:16", "description": "Oracle Linux Local Security Checks ELSA-2008-0885", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0885", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2008-3272", "CVE-2008-2931", "CVE-2008-3275", "CVE-2007-6716"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122555", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122555", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0885.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122555\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:54 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0885\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0885 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0885\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0885.html\");\n script_cve_id(\"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-2931\", \"CVE-2008-3272\", \"CVE-2008-3275\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~92.1.13.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.13.0.1.el5~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.13.0.1.el5PAE~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.13.0.1.el5debug~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.13.0.1.el5xen~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.13.0.1.el5~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.13.0.1.el5PAE~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.13.0.1.el5debug~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.13.0.1.el5xen~2.0.4~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-09T11:39:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0885-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6417", "CVE-2008-3272", "CVE-2008-2931", "CVE-2008-3275", "CVE-2007-6716"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870087", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870087", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0885-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * a missing capability check was found in the Linux kernel do_change_type\n routine. This could allow a local unprivileged user to gain privileged\n access or cause a denial of service. (CVE-2008-2931, Important)\n \n * a flaw was found in the Linux kernel Direct-IO implementation. This could\n allow a local unprivileged user to cause a denial of service.\n (CVE-2007-6716, Important)\n \n * Tobias Klein reported a missing check in the Linux kernel Open Sound\n System (OSS) implementation. This deficiency could lead to a possible\n information leak. (CVE-2008-3272, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n * a flaw was found in the Linux kernel tmpfs implementation. This could\n allow a local unprivileged user to read sensitive information from the\n kernel. (CVE-2007-6417, Moderate)\n \n Bug fixes:\n \n * when copying a small IPoIB packet from the original skb it was received\n in to a new, smaller skb, all fields in the new skb were not initialized.\n This may have caused a kernel oops.\n \n * previously, data may have been written beyond the end of an array,\n causing memory corruption on certain systems, resulting in hypervisor\n crashes during context switching.\n \n * a kernel crash may have occurred on heavily-used Samba servers after 24\n to 48 hours of use.\n \n * under heavy memory pressure, pages may have been swapped out from under\n the SGI Altix XPMEM driver, causing silent data corruption in the kernel.\n \n * the ixgbe driver is untested, but support was advertised for the Intel\n 82598 network card. If this card was present when the ixgbe driver was\n loaded, a NULL pointer dereference and a panic occurred.\n \n * on certain systems, if multiple InfiniBand queue pairs simultaneously\n fell into an error state, an overrun may have occurred, stopping traffic.\n \n * with bridging, when forward delay was set to zero, setting an interface\n to the forwarding state was delayed by one or possibly two timers,\n depending on whether STP was enabled. This may have caused long delays in\n moving an interface to the forwarding state. This issue caused packet loss\n when migrating virtual machines, preventing them from being migrated\n without interrupting applications.\n \n * on certain multinode systems, IPMI device nodes ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-September/msg00013.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870087\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0885-01\");\n script_cve_id(\"CVE-2008-2931\", \"CVE-2008-3275\", \"CVE-2007-6417\", \"CVE-2007-6716\", \"CVE-2008-3272\");\n script_name( \"RedHat Update for kernel RHSA-2008:0885-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~92.1.13.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:09", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5036146 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3272", "CVE-2008-0598", "CVE-2008-3525", "CVE-2007-6716", "CVE-2008-2812", "CVE-2008-1673"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065175", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065175", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5036146.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5036146 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65175\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-3525\", \"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-2812\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.314\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:09", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5036146 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for Linux kernel", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3272", "CVE-2008-0598", "CVE-2008-3525", "CVE-2007-6716", "CVE-2008-2812", "CVE-2008-1673"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65175", "href": "http://plugins.openvas.org/nasl.php?oid=65175", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5036146.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Linux kernel\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kernel-bigsmp\n kernel-debug\n kernel-default\n kernel-smp\n kernel-source\n kernel-syms\n kernel-um\n kernel-xen\n kernel-xenpae\n um-host-install-initrd\n um-host-kernel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5036146 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65175);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-3525\", \"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-3272\", \"CVE-2008-2812\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Linux kernel\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.314\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:11", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2008:047", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3272", "CVE-2008-0598", "CVE-2008-3525", "CVE-2007-6716", "CVE-2008-2812", "CVE-2008-1673"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850008", "href": "http://plugins.openvas.org/nasl.php?oid=850008", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_047.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for kernel SUSE-SA:2008:047\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The Linux kernel in the SUSE Linux Enterprise Server 9\n Service Pack 4 was released to fix various bugs and also some security\n problems:\n\n CVE-2007-6716: Zero the struct dio with kzalloc instead of doing\n it member-wise, this could have leaked information from the kernel.\n\n CVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\n CVE-2008-0598: On AMD64 some string operations could leak kernel\n information into user space.\n\n CVE-2008-1673: Added range checking in ASN.1 handling for the CIFS and\n SNMP NAT netfilter modules.\n\n CVE-2008-3272: Fixed range checking in the snd_seq OSS ioctl, which\n could be used to leak information from the kernel.\n\n CVE-2008-2812: Various NULL ptr checks have been added to tty op\n functions, which might have been used by local attackers to execute\n code. We think that this affects only devices openable by root, so the\n impact is limited.\n\n More details are available in the package changelog.\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"kernel on SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850008);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-047\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-0598\", \"CVE-2008-1673\", \"CVE-2008-2812\", \"CVE-2008-3272\", \"CVE-2008-3525\");\n script_name( \"SuSE Update for kernel SUSE-SA:2008:047\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"OES\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-um\", rpm:\"kernel-um~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"um-host-install-initrd\", rpm:\"um-host-install-initrd~1.0~48.28\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"um-host-kernel\", rpm:\"um-host-kernel~2.6.5~7.314\", rls:\"OES\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"NLDk9\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-um\", rpm:\"kernel-um~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"um-host-install-initrd\", rpm:\"um-host-install-initrd~1.0~48.28\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"um-host-kernel\", rpm:\"um-host-kernel~2.6.5~7.314\", rls:\"NLDk9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:48", "description": "The remote host is missing an update to the kernel\nannounced via advisory FEDORA-2009-5383.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5383 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-2750", "CVE-2009-1633", "CVE-2009-1439"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64077", "href": "http://plugins.openvas.org/nasl.php?oid=64077", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5383.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5383 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to kernel 2.6.27.24:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.24\nIncludes ext4 bug fixes from Fedora 11.\nUpdates the atl2 network driver to version 2.0.5\n\nChangeLog:\n\n* Wed May 20 2009 Chuck Ebbert 2.6.27.24-78.2.53\n- Allow building the F-9 kernel on F-11.\n* Wed May 20 2009 Chuck Ebbert 2.6.27.24-78.2.52\n- ext4 fixes from Fedora 11:\nlinux-2.6-ext4-clear-unwritten-flag.patch\nlinux-2.6-ext4-fake-delalloc-bno.patch\nlinux-2.6-ext4-fix-i_cached_extent-race.patch\nlinux-2.6-ext4-prealloc-fixes.patch\n* Wed May 20 2009 Chuck Ebbert 2.6.27.24-78.2.51\n- Linux 2.6.27.24\n- Dropped patches, merged upstream:\ncifs-fix-unicode-string-area-word-alignment-2.6.27.patch\n- Update atl2 driver to version 2.0.5\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5383\";\ntag_summary = \"The remote host is missing an update to the kernel\nannounced via advisory FEDORA-2009-5383.\";\n\n\n\nif(description)\n{\n script_id(64077);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-2750\", \"CVE-2009-1439\", \"CVE-2009-1633\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-5383 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=494275\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496572\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:19", "description": "The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-6846.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-6846 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1385", "CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-2750", "CVE-2009-1389"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064296", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064296", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_6846.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-6846 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to linux kernel 2.6.27.25:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.25\nChangeLog:\n\n* Tue Jun 16 2009 Chuck Ebbert 2.6.27.25-78.2.56\n- r8169 network driver fixes from 2.6.29.5 and 2.6.30\n* Tue Jun 16 2009 Chuck Ebbert 2.6.27.25-78.2.55\n- Avoid lockup on OOM with /dev/zero\n- Stop spewing useless warning on parport sysctl registration\n* Sun Jun 14 2009 Chuck Ebbert 2.6.27.25-78.2.54\n- Linux 2.6.27.25\n- Dropped patches, merged in .25\next4.git-1-8657e625a390d09a21970a810f271d74e99b4c8f.patch\next4.git-2-b3239aab20df1446ddfb8d0520076d5fd0d4ecd2.patch\next4.git-3-e9b9a50398f0cc909e5645716c74cc1aecd6699e.patch\next4.git-4-ce54e9c7949d1158512accf23825641a92bd07f9.patch\next4.git-5-e0ee7aa0b15299bc678758a754eec51ee537c53f.patch\nlinux-2.6-ext4-clear-unwritten-flag.patch\nlinux-2.6-ext4-fake-delalloc-bno.patch\nlinux-2.6-ext4-fix-i_cached_extent-race.patch\nlinux-2.6-ext4-prealloc-fixes.patch\n- Added patch from 2.6.29.4:\nkvm-make-efer-reads-safe-when-efer-does-not-exist.patch\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-6846\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-6846.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64296\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-2750\", \"CVE-2009-1385\", \"CVE-2009-1389\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-6846 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502981\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504726\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:25", "description": "The remote host is missing an update to the kernel\nannounced via advisory FEDORA-2009-5383.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5383 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-2750", "CVE-2009-1633", "CVE-2009-1439"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064077", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064077", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5383.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5383 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to kernel 2.6.27.24:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.24\nIncludes ext4 bug fixes from Fedora 11.\nUpdates the atl2 network driver to version 2.0.5\n\nChangeLog:\n\n* Wed May 20 2009 Chuck Ebbert 2.6.27.24-78.2.53\n- Allow building the F-9 kernel on F-11.\n* Wed May 20 2009 Chuck Ebbert 2.6.27.24-78.2.52\n- ext4 fixes from Fedora 11:\nlinux-2.6-ext4-clear-unwritten-flag.patch\nlinux-2.6-ext4-fake-delalloc-bno.patch\nlinux-2.6-ext4-fix-i_cached_extent-race.patch\nlinux-2.6-ext4-prealloc-fixes.patch\n* Wed May 20 2009 Chuck Ebbert 2.6.27.24-78.2.51\n- Linux 2.6.27.24\n- Dropped patches, merged upstream:\ncifs-fix-unicode-string-area-word-alignment-2.6.27.patch\n- Update atl2 driver to version 2.0.5\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5383\";\ntag_summary = \"The remote host is missing an update to the kernel\nannounced via advisory FEDORA-2009-5383.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64077\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-2750\", \"CVE-2009-1439\", \"CVE-2009-1633\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-5383 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=494275\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=496572\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.24~78.2.53.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:06", "description": "The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-6846.", "cvss3": {}, "published": "2009-06-30T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-6846 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1385", "CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-2750", "CVE-2009-1389"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64296", "href": "http://plugins.openvas.org/nasl.php?oid=64296", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_6846.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-6846 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to linux kernel 2.6.27.25:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.25\nChangeLog:\n\n* Tue Jun 16 2009 Chuck Ebbert 2.6.27.25-78.2.56\n- r8169 network driver fixes from 2.6.29.5 and 2.6.30\n* Tue Jun 16 2009 Chuck Ebbert 2.6.27.25-78.2.55\n- Avoid lockup on OOM with /dev/zero\n- Stop spewing useless warning on parport sysctl registration\n* Sun Jun 14 2009 Chuck Ebbert 2.6.27.25-78.2.54\n- Linux 2.6.27.25\n- Dropped patches, merged in .25\next4.git-1-8657e625a390d09a21970a810f271d74e99b4c8f.patch\next4.git-2-b3239aab20df1446ddfb8d0520076d5fd0d4ecd2.patch\next4.git-3-e9b9a50398f0cc909e5645716c74cc1aecd6699e.patch\next4.git-4-ce54e9c7949d1158512accf23825641a92bd07f9.patch\next4.git-5-e0ee7aa0b15299bc678758a754eec51ee537c53f.patch\nlinux-2.6-ext4-clear-unwritten-flag.patch\nlinux-2.6-ext4-fake-delalloc-bno.patch\nlinux-2.6-ext4-fix-i_cached_extent-race.patch\nlinux-2.6-ext4-prealloc-fixes.patch\n- Added patch from 2.6.29.4:\nkvm-make-efer-reads-safe-when-efer-does-not-exist.patch\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-6846\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-6846.\";\n\n\n\nif(description)\n{\n script_id(64296);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-30 00:29:55 +0200 (Tue, 30 Jun 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-2750\", \"CVE-2009-1385\", \"CVE-2009-1389\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-6846 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=502981\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=504726\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.25~78.2.56.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:10", "description": "The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-0816.", "cvss3": {}, "published": "2009-02-02T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-0816 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-5079", "CVE-2009-0065", "CVE-2008-2750", "CVE-2009-0029"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63290", "href": "http://plugins.openvas.org/nasl.php?oid=63290", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_0816.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-0816 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\nLinux operating system. The kernel handles the basic functions\nof the operating system: memory allocation, process allocation, device\ninput and output, etc.\n\nUpdate Information:\n\nUpdate to kernel 2.6.27.12:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12\n\nIncludes security fixes:\nCVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing\nCVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is\nreceived with bad stream ID\nAlso fixes bug 478299, reported against Fedora 10:\nAVC denials on kernel 2.6.27.9-159.fc10.x86_64\n\nReverts ALSA driver to the version that is upstream in kernel 2.6.27.\nThis should fix lack of audio on headphone outputs for some notebooks.\n\nChangeLog:\n\n* Mon Jan 19 2009 Chuck Ebbert 2.6.27.12-78.2.8\n- Fix CVE-2009-0065: SCTP buffer overflow\n* Mon Jan 19 2009 Chuck Ebbert 2.6.27.12-78.2.5\n- Revert ALSA to what is upstream in 2.6.27.\n* Mon Jan 19 2009 Kyle McMartin 2.6.27.12-78.2.4\n- Linux 2.6.27.12\n* Mon Jan 19 2009 Kyle McMartin \n- Roll in xen changes to execshield diff as in later kernels.\n(harmless on F-9 as xen was still separate.)\n* Mon Jan 19 2009 Kyle McMartin \n- execshield fixes: should no longer generate spurious handled GPFs,\nfixes randomization of executables. also some clean ups.\n* Fri Jan 16 2009 Chuck Ebbert 2.6.27.12-78.2.3.rc2\n- Linux 2.6.27.12-rc2\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0816\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-0816.\";\n\n\n\nif(description)\n{\n script_id(63290);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009)\");\n script_cve_id(\"CVE-2009-0029\", \"CVE-2009-0065\", \"CVE-2008-5079\", \"CVE-2008-3528\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-2750\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-0816 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=480864\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=480861\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:36", "description": "The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-0816.", "cvss3": {}, "published": "2009-02-02T00:00:00", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-0816 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-5079", "CVE-2009-0065", "CVE-2008-2750", "CVE-2009-0029"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063290", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063290", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_0816.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-0816 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\nLinux operating system. The kernel handles the basic functions\nof the operating system: memory allocation, process allocation, device\ninput and output, etc.\n\nUpdate Information:\n\nUpdate to kernel 2.6.27.12:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12\n\nIncludes security fixes:\nCVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing\nCVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is\nreceived with bad stream ID\nAlso fixes bug 478299, reported against Fedora 10:\nAVC denials on kernel 2.6.27.9-159.fc10.x86_64\n\nReverts ALSA driver to the version that is upstream in kernel 2.6.27.\nThis should fix lack of audio on headphone outputs for some notebooks.\n\nChangeLog:\n\n* Mon Jan 19 2009 Chuck Ebbert 2.6.27.12-78.2.8\n- Fix CVE-2009-0065: SCTP buffer overflow\n* Mon Jan 19 2009 Chuck Ebbert 2.6.27.12-78.2.5\n- Revert ALSA to what is upstream in 2.6.27.\n* Mon Jan 19 2009 Kyle McMartin 2.6.27.12-78.2.4\n- Linux 2.6.27.12\n* Mon Jan 19 2009 Kyle McMartin \n- Roll in xen changes to execshield diff as in later kernels.\n(harmless on F-9 as xen was still separate.)\n* Mon Jan 19 2009 Kyle McMartin \n- execshield fixes: should no longer generate spurious handled GPFs,\nfixes randomization of executables. also some clean ups.\n* Fri Jan 16 2009 Chuck Ebbert 2.6.27.12-78.2.3.rc2\n- Linux 2.6.27.12-rc2\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update kernel' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-0816\";\ntag_summary = \"The remote host is missing an update to kernel\nannounced via advisory FEDORA-2009-0816.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63290\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009)\");\n script_cve_id(\"CVE-2009-0029\", \"CVE-2009-0065\", \"CVE-2008-5079\", \"CVE-2008-3528\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-2750\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-0816 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=480864\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=480861\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug\", rpm:\"kernel-PAEdebug~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-devel\", rpm:\"kernel-PAEdebug-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAEdebug-debuginfo\", rpm:\"kernel-PAEdebug-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bootwrapper\", rpm:\"kernel-bootwrapper~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp-debuginfo\", rpm:\"kernel-smp-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.27.12~78.2.8.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:58", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0973 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2008-0598", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063", "CVE-2008-2812"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880079", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880079", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0973 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n 64-bit emulation. This could allow a local, unprivileged user to prepare\n and run a specially-crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local user to bypass intended capability restrictions.\n (CVE-2008-3525, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local, unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, Important)\n \n * a buffer overflow flaw was found in Integrated Services Digital Network\n (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a\n denial of service. (CVE-2007-6063, Moderate)\n \n * multiple NULL pointer dereferences were found in various Linux kernel\n network drivers. These drivers were missing checks for terminal validity,\n which could allow privilege escalation. (CVE-2008-2812, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local, unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n This update also fixes the following bugs:\n \n * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap()\n was used where kunmap_atomic() should have been. As a consequence, if an\n NFSv2 or NFSv3 server exported a volume containing a symlink which included\n a path equal to or longer than the local system's PATH_MAX, accessing the\n link caused a kernel oops. This has been corrected in this update.\n \n * mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a\n pointer. This caused a kernel panic in mptctl_gettargetinfo in some\n circumstances. A check has been added which prevents this.\n \n * lost tick compensation code in the timer interrupt routine triggered\n without apparent cause. When running as a fully-virtualized client, this\n spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3\n to present hig ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015501.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880079\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0973\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3275\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2007-6063\", \"CVE-2008-3525\");\n script_name( \"CentOS Update for kernel CESA-2008:0973 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:53", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0973 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2008-0598", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063", "CVE-2008-2812"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310880082", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880082", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0973 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n 64-bit emulation. This could allow a local, unprivileged user to prepare\n and run a specially-crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local user to bypass intended capability restrictions.\n (CVE-2008-3525, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local, unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, Important)\n \n * a buffer overflow flaw was found in Integrated Services Digital Network\n (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a\n denial of service. (CVE-2007-6063, Moderate)\n \n * multiple NULL pointer dereferences were found in various Linux kernel\n network drivers. These drivers were missing checks for terminal validity,\n which could allow privilege escalation. (CVE-2008-2812, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local, unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n This update also fixes the following bugs:\n \n * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap()\n was used where kunmap_atomic() should have been. As a consequence, if an\n NFSv2 or NFSv3 server exported a volume containing a symlink which included\n a path equal to or longer than the local system's PATH_MAX, accessing the\n link caused a kernel oops. This has been corrected in this update.\n \n * mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a\n pointer. This caused a kernel panic in mptctl_gettargetinfo in some\n circumstances. A check has been added which prevents this.\n \n * lost tick compensation code in the timer interrupt routine triggered\n without apparent cause. When running as a fully-virtualized client, this\n spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3\n to present hig ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015502.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880082\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0973\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3275\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2007-6063\", \"CVE-2008-3525\");\n script_name( \"CentOS Update for kernel CESA-2008:0973 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:05", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0009.\n\nThese updated packages address the following security issues:\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to prepare\nand run a specially-crafted binary which would use this deficiency to leak\nuninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n\n* Olaf Kirch reported a flaw in the i915 kernel driver that only affects\nthe Intel G33 series and newer. This flaw could, potentially, lead to local\nprivilege escalation. (CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with O_APPEND in\nsys_splice(). This could allow a local, unprivileged user to bypass the\nappend-only file restrictions. (CVE-2008-4554, Important)\n\n* a deficiency was found in the Linux kernel Stream Control Transmission\nProtocol (SCTP) implementation. This could lead to a possible denial of\nservice if one end of a SCTP connection did not support the AUTH extension.\n(CVE-2008-4576, Important)\n\n* Wei Yongjun reported a flaw in the Linux kernel SCTP implementation. In\ncertain code paths, sctp_sf_violation_paramlen() could be called with a\nwrong parameter data type. This could lead to a possible denial of service.\n(CVE-2008-4618, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in\nthe Linux kernel could make indirect recursive calls to itself. This could,\npotentially, lead to a denial of service issue. (CVE-2008-5029, Important)\n\n* the ext2 and ext3 filesystem code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service issue when\nread or write operations were performed. (CVE-2008-3528, Low)\n\nAll Red Hat Enterprise MRG users should install this update which addresses\nthese vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2009-01-26T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0009", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-5029", "CVE-2008-0598", "CVE-2008-3831", "CVE-2008-4618", "CVE-2008-4576"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063250", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063250", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0009.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0009 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0009.\n\nThese updated packages address the following security issues:\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to prepare\nand run a specially-crafted binary which would use this deficiency to leak\nuninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n\n* Olaf Kirch reported a flaw in the i915 kernel driver that only affects\nthe Intel G33 series and newer. This flaw could, potentially, lead to local\nprivilege escalation. (CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with O_APPEND in\nsys_splice(). This could allow a local, unprivileged user to bypass the\nappend-only file restrictions. (CVE-2008-4554, Important)\n\n* a deficiency was found in the Linux kernel Stream Control Transmission\nProtocol (SCTP) implementation. This could lead to a possible denial of\nservice if one end of a SCTP connection did not support the AUTH extension.\n(CVE-2008-4576, Important)\n\n* Wei Yongjun reported a flaw in the Linux kernel SCTP implementation. In\ncertain code paths, sctp_sf_violation_paramlen() could be called with a\nwrong parameter data type. This could lead to a possible denial of service.\n(CVE-2008-4618, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in\nthe Linux kernel could make indirect recursive calls to itself. This could,\npotentially, lead to a denial of service issue. (CVE-2008-5029, Important)\n\n* the ext2 and ext3 filesystem code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service issue when\nread or write operations were performed. (CVE-2008-3528, Low)\n\nAll Red Hat Enterprise MRG users should install this update which addresses\nthese vulnerabilities and fixes these bugs.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63250\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)\");\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-3528\", \"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-5029\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0009.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:17", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0009.\n\nThese updated packages address the following security issues:\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to prepare\nand run a specially-crafted binary which would use this deficiency to leak\nuninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n\n* Olaf Kirch reported a flaw in the i915 kernel driver that only affects\nthe Intel G33 series and newer. This flaw could, potentially, lead to local\nprivilege escalation. (CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with O_APPEND in\nsys_splice(). This could allow a local, unprivileged user to bypass the\nappend-only file restrictions. (CVE-2008-4554, Important)\n\n* a deficiency was found in the Linux kernel Stream Control Transmission\nProtocol (SCTP) implementation. This could lead to a possible denial of\nservice if one end of a SCTP connection did not support the AUTH extension.\n(CVE-2008-4576, Important)\n\n* Wei Yongjun reported a flaw in the Linux kernel SCTP implementation. In\ncertain code paths, sctp_sf_violation_paramlen() could be called with a\nwrong parameter data type. This could lead to a possible denial of service.\n(CVE-2008-4618, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in\nthe Linux kernel could make indirect recursive calls to itself. This could,\npotentially, lead to a denial of service issue. (CVE-2008-5029, Important)\n\n* the ext2 and ext3 filesystem code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service issue when\nread or write operations were performed. (CVE-2008-3528, Low)\n\nAll Red Hat Enterprise MRG users should install this update which addresses\nthese vulnerabilities and fixes these bugs.", "cvss3": {}, "published": "2009-01-26T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0009", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-5029", "CVE-2008-0598", "CVE-2008-3831", "CVE-2008-4618", "CVE-2008-4576"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63250", "href": "http://plugins.openvas.org/nasl.php?oid=63250", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0009.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0009 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0009.\n\nThese updated packages address the following security issues:\n\n* Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n64-bit emulation. This could allow a local, unprivileged user to prepare\nand run a specially-crafted binary which would use this deficiency to leak\nuninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n\n* Olaf Kirch reported a flaw in the i915 kernel driver that only affects\nthe Intel G33 series and newer. This flaw could, potentially, lead to local\nprivilege escalation. (CVE-2008-3831, Important)\n\n* Miklos Szeredi reported a missing check for files opened with O_APPEND in\nsys_splice(). This could allow a local, unprivileged user to bypass the\nappend-only file restrictions. (CVE-2008-4554, Important)\n\n* a deficiency was found in the Linux kernel Stream Control Transmission\nProtocol (SCTP) implementation. This could lead to a possible denial of\nservice if one end of a SCTP connection did not support the AUTH extension.\n(CVE-2008-4576, Important)\n\n* Wei Yongjun reported a flaw in the Linux kernel SCTP implementation. In\ncertain code paths, sctp_sf_violation_paramlen() could be called with a\nwrong parameter data type. This could lead to a possible denial of service.\n(CVE-2008-4618, Important)\n\n* when fput() was called to close a socket, the __scm_destroy() function in\nthe Linux kernel could make indirect recursive calls to itself. This could,\npotentially, lead to a denial of service issue. (CVE-2008-5029, Important)\n\n* the ext2 and ext3 filesystem code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service issue when\nread or write operations were performed. (CVE-2008-3528, Low)\n\nAll Red Hat Enterprise MRG users should install this update which addresses\nthese vulnerabilities and fixes these bugs.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63250);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-26 18:18:20 +0100 (Mon, 26 Jan 2009)\");\n script_cve_id(\"CVE-2008-0598\", \"CVE-2008-3528\", \"CVE-2008-3831\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-5029\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0009\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0009.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~93.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0973-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2008-0598", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063", "CVE-2008-2812"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870022", "href": "http://plugins.openvas.org/nasl.php?oid=870022", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0973-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n 64-bit emulation. This could allow a local, unprivileged user to prepare\n and run a specially-crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local user to bypass intended capability restrictions.\n (CVE-2008-3525, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local, unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, Important)\n \n * a buffer overflow flaw was found in Integrated Services Digital Network\n (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a\n denial of service. (CVE-2007-6063, Moderate)\n \n * multiple NULL pointer dereferences were found in various Linux kernel\n network drivers. These drivers were missing checks for terminal validity,\n which could allow privilege escalation. (CVE-2008-2812, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local, unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n This update also fixes the following bugs:\n \n * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap()\n was used where kunmap_atomic() should have been. As a consequence, if an\n NFSv2 or NFSv3 server exported a volume containing a symlink which included\n a path equal to or longer than the local system's PATH_MAX, accessing the\n link caused a kernel oops. This has been corrected in this update.\n \n * mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a\n pointer. This caused a kernel panic in mptctl_gettargetinfo in some\n circumstances. A check has been added which prevents this.\n \n * lost tick compensation code in the timer interrupt routine triggered\n without apparent cause. When running as a fully-virtuali ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-December/msg00013.html\");\n script_id(870022);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0973-03\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3275\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2007-6063\", \"CVE-2008-3525\");\n script_name( \"RedHat Update for kernel RHSA-2008:0973-03\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:57", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-13T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2008-11618", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3525", "CVE-2008-3831", "CVE-2008-5182", "CVE-2008-5079", "CVE-2008-5300", "CVE-2008-2750"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:860598", "href": "http://plugins.openvas.org/nasl.php?oid=860598", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2008-11618\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 9\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01358.html\");\n script_id(860598);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 10:35:30 +0100 (Fri, 13 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2008-11618\");\n script_cve_id(\"CVE-2008-5079\", \"CVE-2008-5182\", \"CVE-2008-5300\", \"CVE-2008-3528\", \"CVE-2008-3525\", \"CVE-2008-3831\", \"CVE-2008-2750\");\n script_name( \"Fedora Update for kernel FEDORA-2008-11618\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.9~73.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:17", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0973 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2008-0598", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063", "CVE-2008-2812"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880079", "href": "http://plugins.openvas.org/nasl.php?oid=880079", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0973 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n 64-bit emulation. This could allow a local, unprivileged user to prepare\n and run a specially-crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local user to bypass intended capability restrictions.\n (CVE-2008-3525, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local, unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, Important)\n \n * a buffer overflow flaw was found in Integrated Services Digital Network\n (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a\n denial of service. (CVE-2007-6063, Moderate)\n \n * multiple NULL pointer dereferences were found in various Linux kernel\n network drivers. These drivers were missing checks for terminal validity,\n which could allow privilege escalation. (CVE-2008-2812, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local, unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n This update also fixes the following bugs:\n \n * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap()\n was used where kunmap_atomic() should have been. As a consequence, if an\n NFSv2 or NFSv3 server exported a volume containing a symlink which included\n a path equal to or longer than the local system's PATH_MAX, accessing the\n link caused a kernel oops. This has been corrected in this update.\n \n * mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a\n pointer. This caused a kernel panic in mptctl_gettargetinfo in some\n circumstances. A check has been added which prevents this.\n \n * lost tick compensation code in the timer interrupt routine triggered\n without apparent cause. When running as a fully-virtualized client, this\n spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3\n to present hig ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015501.html\");\n script_id(880079);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0973\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3275\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2007-6063\", \"CVE-2008-3525\");\n script_name( \"CentOS Update for kernel CESA-2008:0973 centos3 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:35", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0973-03", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2008-0598", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063", "CVE-2008-2812"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870022", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870022", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0973-03\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n 64-bit emulation. This could allow a local, unprivileged user to prepare\n and run a specially-crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local user to bypass intended capability restrictions.\n (CVE-2008-3525, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local, unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, Important)\n \n * a buffer overflow flaw was found in Integrated Services Digital Network\n (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a\n denial of service. (CVE-2007-6063, Moderate)\n \n * multiple NULL pointer dereferences were found in various Linux kernel\n network drivers. These drivers were missing checks for terminal validity,\n which could allow privilege escalation. (CVE-2008-2812, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local, unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n This update also fixes the following bugs:\n \n * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap()\n was used where kunmap_atomic() should have been. As a consequence, if an\n NFSv2 or NFSv3 server exported a volume containing a symlink which included\n a path equal to or longer than the local system's PATH_MAX, accessing the\n link caused a kernel oops. This has been corrected in this update.\n \n * mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a\n pointer. This caused a kernel panic in mptctl_gettargetinfo in some\n circumstances. A check has been added which prevents this.\n \n * lost tick compensation code in the timer interrupt routine triggered\n without apparent cause. When running as a fully-virtuali ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-December/msg00013.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870022\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0973-03\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3275\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2007-6063\", \"CVE-2008-3525\");\n script_name( \"RedHat Update for kernel RHSA-2008:0973-03\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~58.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:10", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-02-27T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2008:0973 centos3 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2008-0598", "CVE-2008-3525", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063", "CVE-2008-2812"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880082", "href": "http://plugins.openvas.org/nasl.php?oid=880082", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2008:0973 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update addresses the following security issues:\n \n * Tavis Ormandy discovered a deficiency in the Linux kernel 32-bit and\n 64-bit emulation. This could allow a local, unprivileged user to prepare\n and run a specially-crafted binary which would use this deficiency to leak\n uninitialized and potentially sensitive data. (CVE-2008-0598, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local user to bypass intended capability restrictions.\n (CVE-2008-3525, Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local, unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, Important)\n \n * a buffer overflow flaw was found in Integrated Services Digital Network\n (ISDN) subsystem. A local, unprivileged user could use this flaw to cause a\n denial of service. (CVE-2007-6063, Moderate)\n \n * multiple NULL pointer dereferences were found in various Linux kernel\n network drivers. These drivers were missing checks for terminal validity,\n which could allow privilege escalation. (CVE-2008-2812, Moderate)\n \n * a deficiency was found in the Linux kernel virtual filesystem (VFS)\n implementation. This could allow a local, unprivileged user to attempt file\n creation within deleted directories, possibly causing a denial of service.\n (CVE-2008-3275, Moderate)\n \n This update also fixes the following bugs:\n \n * the incorrect kunmap function was used in nfs_xdr_readlinkres. kunmap()\n was used where kunmap_atomic() should have been. As a consequence, if an\n NFSv2 or NFSv3 server exported a volume containing a symlink which included\n a path equal to or longer than the local system's PATH_MAX, accessing the\n link caused a kernel oops. This has been corrected in this update.\n \n * mptctl_gettargetinfo did not check if pIoc3 was NULL before using it as a\n pointer. This caused a kernel panic in mptctl_gettargetinfo in some\n circumstances. A check has been added which prevents this.\n \n * lost tick compensation code in the timer interrupt routine triggered\n without apparent cause. When running as a fully-virtualized client, this\n spurious triggering caused the 64-bit version of Red Hat Enterprise Linux 3\n to present hig ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2008-December/015502.html\");\n script_id(880082);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2008:0973\");\n script_cve_id(\"CVE-2008-4210\", \"CVE-2008-3275\", \"CVE-2008-0598\", \"CVE-2008-2136\", \"CVE-2008-2812\", \"CVE-2007-6063\", \"CVE-2008-3525\");\n script_name( \"CentOS Update for kernel CESA-2008:0973 centos3 x86_64\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~58.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:0326 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0675", "CVE-2009-0028", "CVE-2009-0778", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0269"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880702", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880702", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0326 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-April/015712.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880702\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2009:0326\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-5700\", \"CVE-2009-0028\", \"CVE-2009-0269\",\n \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0778\");\n script_name(\"CentOS Update for kernel CESA-2009:0326 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n\n * memory leaks were found on some error paths in the icmp_send()\n function in the Linux kernel. This could, potentially, cause the network\n connectivity to cease. (CVE-2009-0778, Important)\n\n * Chris Evans reported a deficiency in the clone() system call when called\n with the CLONE_PARENT flag. This flaw permits the caller (the parent\n process) to indicate an arbitrary signal it wants to receive when its child\n process exits. This could lead to a denial of service of the parent\n process. (CVE-2009-0028, Moderate)\n\n * an off-by-one underflow flaw was found in the eCryptfs subsystem. This\n could potentially cause a local denial of service when the readlink()\n function returned an error. (CVE-2009-0269, Moderate)\n\n * a deficiency was found in the Remote BIOS Update (RBU) driver for Dell\n systems. This could allow a local, unprivileged user to cause a denial of\n service by reading zero bytes from the image_type or packet_size files in\n '/sys/devices/platform/dell_rbu/'. (CVE-2009-0322, Moderate)\n\n * an inverted logic flaw was found in the SysKonnect FDDI PCI adapter\n driver, allowing driver statistics to be reset only when the CAP_NET_ADMIN\n capability was absent (local, unprivileged users could reset driver\n statistics). (CVE-2009-0675, Moderate)\n\n * the sock_getsockopt() function in the Linux kernel did not properly\n initialize a data structure that can be directly returned to user-space\n when the getsockopt() function is called with SO_BSDCOMPAT optname set.\n This flaw could possibly lead to memory disclosure.\n (CVE-2009-0676, Moderate)\n\n * the ext2 and ext3 file system code failed to properly handle corrupted\n data structures, leading to a possible local denial of service when read\n or write operations were performed on a specially-crafted file system.\n (CVE-2008-3528, Low)\n\n * a deficiency was found in the libATA implementation. This could,\n potentially, lead to a local denial of service. Note: by default, the\n '/dev/sg*' devices are accessible only to the root user.\n (CVE-2008-5700, Low)\n\n Bug fixes:\n\n * a bug in aic94xx may have caused kernel panics during boot on some\n systems with certain SATA disks. (BZ#485909)\n\n * a word endianness problem in the qla2xx driver on PowerPC-based machines\n may have corrupted flash-based devices. (BZ#485908)\n\n * a memory leak in pipe() may have caused a system deadlock. The workaround\n in Section 1.5, Known Issues, of the Red Hat Enterprise Linux 5.3 Release\n Notes Up ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-27T10:56:52", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0326.\n\nSecurity fixes:\n\n* memory leaks were found on some error paths in the icmp_send()\nfunction in the Linux kernel. This could, potentially, cause the network\nconnectivity to cease. (CVE-2009-0778, Important)\n\n* Chris Evans reported a deficiency in the clone() system call when called\nwith the CLONE_PARENT flag. This flaw permits the caller (the parent\nprocess) to indicate an arbitrary signal it wants to receive when its child\nprocess exits. This could lead to a denial of service of the parent\nprocess. (CVE-2009-0028, Moderate)\n\n* an off-by-one underflow flaw was found in the eCryptfs subsystem. This\ncould potentially cause a local denial of service when the readlink()\nfunction returned an error. (CVE-2009-0269, Moderate)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell\nsystems. This could allow a local, unprivileged user to cause a denial of\nservice by reading zero bytes from the image_type or packet_size files in\n/sys/devices/platform/dell_rbu/. (CVE-2009-0322, Moderate)\n\n* an inverted logic flaw was found in the SysKonnect FDDI PCI adapter\ndriver, allowing driver statistics to be reset only when the CAP_NET_ADMIN\ncapability was absent (local, unprivileged users could reset driver\nstatistics). (CVE-2009-0675, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to user-space\nwhen the getsockopt() function is called with SO_BSDCOMPAT optname set.\nThis flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\n* the ext2 and ext3 file system code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service when read\nor write operations were performed on a specially-crafted file system.\n(CVE-2008-3528, Low)\n\n* a deficiency was found in the libATA implementation. This could,\npotentially, lead to a local denial of service. Note: by default, the\n/dev/sg* devices are accessible only to the root user.\n(CVE-2008-5700, Low)\n\nAll users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be rebooted for\nthis update to take effect.", "cvss3": {}, "published": "2009-04-06T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0326", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0675", "CVE-2009-0028", "CVE-2009-0778", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0269"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63712", "href": "http://plugins.openvas.org/nasl.php?oid=63712", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0326.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0326 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0326.\n\nSecurity fixes:\n\n* memory leaks were found on some error paths in the icmp_send()\nfunction in the Linux kernel. This could, potentially, cause the network\nconnectivity to cease. (CVE-2009-0778, Important)\n\n* Chris Evans reported a deficiency in the clone() system call when called\nwith the CLONE_PARENT flag. This flaw permits the caller (the parent\nprocess) to indicate an arbitrary signal it wants to receive when its child\nprocess exits. This could lead to a denial of service of the parent\nprocess. (CVE-2009-0028, Moderate)\n\n* an off-by-one underflow flaw was found in the eCryptfs subsystem. This\ncould potentially cause a local denial of service when the readlink()\nfunction returned an error. (CVE-2009-0269, Moderate)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell\nsystems. This could allow a local, unprivileged user to cause a denial of\nservice by reading zero bytes from the image_type or packet_size files in\n/sys/devices/platform/dell_rbu/. (CVE-2009-0322, Moderate)\n\n* an inverted logic flaw was found in the SysKonnect FDDI PCI adapter\ndriver, allowing driver statistics to be reset only when the CAP_NET_ADMIN\ncapability was absent (local, unprivileged users could reset driver\nstatistics). (CVE-2009-0675, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to user-space\nwhen the getsockopt() function is called with SO_BSDCOMPAT optname set.\nThis flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\n* the ext2 and ext3 file system code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service when read\nor write operations were performed on a specially-crafted file system.\n(CVE-2008-3528, Low)\n\n* a deficiency was found in the libATA implementation. This could,\npotentially, lead to a local denial of service. Note: by default, the\n/dev/sg* devices are accessible only to the root user.\n(CVE-2008-5700, Low)\n\nAll users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be rebooted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63712);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-5700\", \"CVE-2009-0028\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0778\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0326\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0326.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Release_Notes/index.html#d0e497\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:36", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:0326 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0675", "CVE-2009-0028", "CVE-2009-0778", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0269"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880702", "href": "http://plugins.openvas.org/nasl.php?oid=880702", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0326 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n Security fixes:\n \n * memory leaks were found on some error paths in the icmp_send()\n function in the Linux kernel. This could, potentially, cause the network\n connectivity to cease. (CVE-2009-0778, Important)\n \n * Chris Evans reported a deficiency in the clone() system call when called\n with the CLONE_PARENT flag. This flaw permits the caller (the parent\n process) to indicate an arbitrary signal it wants to receive when its child\n process exits. This could lead to a denial of service of the parent\n process. (CVE-2009-0028, Moderate)\n \n * an off-by-one underflow flaw was found in the eCryptfs subsystem. This\n could potentially cause a local denial of service when the readlink()\n function returned an error. (CVE-2009-0269, Moderate)\n \n * a deficiency was found in the Remote BIOS Update (RBU) driver for Dell\n systems. This could allow a local, unprivileged user to cause a denial of\n service by reading zero bytes from the image_type or packet_size files in\n "/sys/devices/platform/dell_rbu/". (CVE-2009-0322, Moderate)\n \n * an inverted logic flaw was found in the SysKonnect FDDI PCI adapter\n driver, allowing driver statistics to be reset only when the CAP_NET_ADMIN\n capability was absent (local, unprivileged users could reset driver\n statistics). (CVE-2009-0675, Moderate)\n \n * the sock_getsockopt() function in the Linux kernel did not properly\n initialize a data structure that can be directly returned to user-space\n when the getsockopt() function is called with SO_BSDCOMPAT optname set.\n This flaw could possibly lead to memory disclosure.\n (CVE-2009-0676, Moderate)\n \n * the ext2 and ext3 file system code failed to properly handle corrupted\n data structures, leading to a possible local denial of service when read\n or write operations were performed on a specially-crafted file system.\n (CVE-2008-3528, Low)\n \n * a deficiency was found in the libATA implementation. This could,\n potentially, lead to a local denial of service. Note: by default, the\n "/dev/sg*" devices are accessible only to the root user.\n (CVE-2008-5700, Low)\n \n Bug fixes:\n \n * a bug in aic94xx may have caused kernel panics during boot on some\n systems with certain SATA disks. (BZ#485909)\n \n * a word endianness problem in the qla2xx driver on PowerPC-based machines\n may have corrupted flash-based devices. (BZ#485908)\n \n * a memory leak in pipe() may have caused a system deadlock. The workaround\n in Section 1.5, Known Issues, of the Red Hat Enterprise Linux 5.3 Release\n Notes Up ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-April/015712.html\");\n script_id(880702);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:0326\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-5700\", \"CVE-2009-0028\", \"CVE-2009-0269\",\n \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0778\");\n script_name(\"CentOS Update for kernel CESA-2009:0326 centos5 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:07", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0326.", "cvss3": {}, "published": "2009-04-06T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0326 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0675", "CVE-2009-0028", "CVE-2009-0778", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0269"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63752", "href": "http://plugins.openvas.org/nasl.php?oid=63752", "sourceData": "#CESA-2009:0326 63752 2\n# $Id: ovcesa2009_0326.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0326 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0326\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0326\nhttps://rhn.redhat.com/errata/RHSA-2009-0326.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0326.\";\n\n\n\nif(description)\n{\n script_id(63752);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-5700\", \"CVE-2009-0028\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0778\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:0326 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:44", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0326.\n\nSecurity fixes:\n\n* memory leaks were found on some error paths in the icmp_send()\nfunction in the Linux kernel. This could, potentially, cause the network\nconnectivity to cease. (CVE-2009-0778, Important)\n\n* Chris Evans reported a deficiency in the clone() system call when called\nwith the CLONE_PARENT flag. This flaw permits the caller (the parent\nprocess) to indicate an arbitrary signal it wants to receive when its child\nprocess exits. This could lead to a denial of service of the parent\nprocess. (CVE-2009-0028, Moderate)\n\n* an off-by-one underflow flaw was found in the eCryptfs subsystem. This\ncould potentially cause a local denial of service when the readlink()\nfunction returned an error. (CVE-2009-0269, Moderate)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell\nsystems. This could allow a local, unprivileged user to cause a denial of\nservice by reading zero bytes from the image_type or packet_size files in\n/sys/devices/platform/dell_rbu/. (CVE-2009-0322, Moderate)\n\n* an inverted logic flaw was found in the SysKonnect FDDI PCI adapter\ndriver, allowing driver statistics to be reset only when the CAP_NET_ADMIN\ncapability was absent (local, unprivileged users could reset driver\nstatistics). (CVE-2009-0675, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to user-space\nwhen the getsockopt() function is called with SO_BSDCOMPAT optname set.\nThis flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\n* the ext2 and ext3 file system code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service when read\nor write operations were performed on a specially-crafted file system.\n(CVE-2008-3528, Low)\n\n* a deficiency was found in the libATA implementation. This could,\npotentially, lead to a local denial of service. Note: by default, the\n/dev/sg* devices are accessible only to the root user.\n(CVE-2008-5700, Low)\n\nAll users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be rebooted for\nthis update to take effect.", "cvss3": {}, "published": "2009-04-06T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0326", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0675", "CVE-2009-0028", "CVE-2009-0778", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0269"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063712", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063712", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0326.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0326 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0326.\n\nSecurity fixes:\n\n* memory leaks were found on some error paths in the icmp_send()\nfunction in the Linux kernel. This could, potentially, cause the network\nconnectivity to cease. (CVE-2009-0778, Important)\n\n* Chris Evans reported a deficiency in the clone() system call when called\nwith the CLONE_PARENT flag. This flaw permits the caller (the parent\nprocess) to indicate an arbitrary signal it wants to receive when its child\nprocess exits. This could lead to a denial of service of the parent\nprocess. (CVE-2009-0028, Moderate)\n\n* an off-by-one underflow flaw was found in the eCryptfs subsystem. This\ncould potentially cause a local denial of service when the readlink()\nfunction returned an error. (CVE-2009-0269, Moderate)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell\nsystems. This could allow a local, unprivileged user to cause a denial of\nservice by reading zero bytes from the image_type or packet_size files in\n/sys/devices/platform/dell_rbu/. (CVE-2009-0322, Moderate)\n\n* an inverted logic flaw was found in the SysKonnect FDDI PCI adapter\ndriver, allowing driver statistics to be reset only when the CAP_NET_ADMIN\ncapability was absent (local, unprivileged users could reset driver\nstatistics). (CVE-2009-0675, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to user-space\nwhen the getsockopt() function is called with SO_BSDCOMPAT optname set.\nThis flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\n* the ext2 and ext3 file system code failed to properly handle corrupted\ndata structures, leading to a possible local denial of service when read\nor write operations were performed on a specially-crafted file system.\n(CVE-2008-3528, Low)\n\n* a deficiency was found in the libATA implementation. This could,\npotentially, lead to a local denial of service. Note: by default, the\n/dev/sg* devices are accessible only to the root user.\n(CVE-2008-5700, Low)\n\nAll users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be rebooted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63712\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-5700\", \"CVE-2009-0028\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0778\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0326\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0326.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Release_Notes/index.html#d0e497\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump\", rpm:\"kernel-kdump~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-debuginfo\", rpm:\"kernel-kdump-debuginfo~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-kdump-devel\", rpm:\"kernel-kdump-devel~2.6.18~128.1.6.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:30", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0326.", "cvss3": {}, "published": "2009-04-06T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0326 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0675", "CVE-2009-0028", "CVE-2009-0778", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0269"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063752", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063752", "sourceData": "#CESA-2009:0326 63752 2\n# $Id: ovcesa2009_0326.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0326 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0326\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0326\nhttps://rhn.redhat.com/errata/RHSA-2009-0326.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0326.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63752\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-06 20:58:11 +0200 (Mon, 06 Apr 2009)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-5700\", \"CVE-2009-0028\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0778\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:0326 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.6.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:33", "description": "Oracle Linux Local Security Checks ELSA-2009-0326", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0326", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0675", "CVE-2009-0028", "CVE-2009-0778", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0269"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122501", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122501", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0326.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122501\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:46:47 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0326\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0326 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0326\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0326.html\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-5700\", \"CVE-2009-0028\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0778\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~128.1.6.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5PAE~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5PAE~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5debug~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5debug~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5xen~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~128.1.6.0.1.el5xen~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.6.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.6.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.6.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~128.1.6.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-27T10:56:14", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0957-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3527", "CVE-2006-5755", "CVE-2008-3276", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-3833"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870061", "href": "http://plugins.openvas.org/nasl.php?oid=870061", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0957-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * the Xen implementation did not prevent applications running in a\n para-virtualized guest from modifying CR4 TSC. This could cause a local\n denial of service. (CVE-2007-5907, Important)\n \n * Tavis Ormandy reported missing boundary checks in the Virtual Dynamic\n Shared Objects (vDSO) implementation. This could allow a local unprivileged\n user to cause a denial of service or escalate privileges. (CVE-2008-3527,\n Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, CVE-2008-3833,\n Important)\n \n * a flaw was found in the Linux kernel splice implementation. This could\n cause a local denial of service when there is a certain failure in the\n add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n \n * a flaw was found in the Linux kernel when running on AMD64 systems.\n During a context switch, EFLAGS were being neither saved nor restored. This\n could allow a local unprivileged user to cause a denial of service.\n (CVE-2006-5755, Low)\n \n * a flaw was found in the Linux kernel virtual memory implementation. This\n could allow a local unprivileged user to cause a denial of service.\n (CVE-2008-2372, Low)\n \n * an integer overflow was discovered in the Linux kernel Datagram\n Congestion Control Protocol (DCCP) implementation. This could allow a\n remote attacker to cause a denial of service. By default, remote DCCP is\n blocked by SELinux. (CVE-2008-3276, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * random32() seeding has been improved. \n \n * in a multi-core environment, a race between the QP async event-handler\n and the destro_qp() function could occur. This led to unpredictable results\n during invalid memory access, which could lead to a kernel crash.\n \n * a format string was omitted in the call to the request_module() function.\n \n * a stack overflow caused by an infinite recursion bug in the binfmt_misc\n kernel module was corrected.\n \n * the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check for\n scatterlist usage before calling kmap_atomic().\n \n * a sentinel NUL byte was added to the device_write() function to ensure\n that lspace.name is NUL-terminated.\n \n * in the character device driver, a range_is_allowed() check was added to\n the read_mem() and write_mem() functions. It was possible for an\n illegitimate application to b ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-November/msg00001.html\");\n script_id(870061);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0957-02\");\n script_cve_id(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n script_name( \"RedHat Update for kernel RHSA-2008:0957-02\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:40:13", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-03-06T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2008:0957-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3527", "CVE-2006-5755", "CVE-2008-3276", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-3833"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310870061", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870061", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2008:0957-02\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n * the Xen implementation did not prevent applications running in a\n para-virtualized guest from modifying CR4 TSC. This could cause a local\n denial of service. (CVE-2007-5907, Important)\n \n * Tavis Ormandy reported missing boundary checks in the Virtual Dynamic\n Shared Objects (vDSO) implementation. This could allow a local unprivileged\n user to cause a denial of service or escalate privileges. (CVE-2008-3527,\n Important)\n \n * the do_truncate() and generic_file_splice_write() functions did not clear\n the setuid and setgid bits. This could allow a local unprivileged user to\n obtain access to privileged information. (CVE-2008-4210, CVE-2008-3833,\n Important)\n \n * a flaw was found in the Linux kernel splice implementation. This could\n cause a local denial of service when there is a certain failure in the\n add_to_page_cache_lru() function. (CVE-2008-4302, Important)\n \n * a flaw was found in the Linux kernel when running on AMD64 systems.\n During a context switch, EFLAGS were being neither saved nor restored. This\n could allow a local unprivileged user to cause a denial of service.\n (CVE-2006-5755, Low)\n \n * a flaw was found in the Linux kernel virtual memory implementation. This\n could allow a local unprivileged user to cause a denial of service.\n (CVE-2008-2372, Low)\n \n * an integer overflow was discovered in the Linux kernel Datagram\n Congestion Control Protocol (DCCP) implementation. This could allow a\n remote attacker to cause a denial of service. By default, remote DCCP is\n blocked by SELinux. (CVE-2008-3276, Low)\n \n In addition, these updated packages fix the following bugs:\n \n * random32() seeding has been improved. \n \n * in a multi-core environment, a race between the QP async event-handler\n and the destro_qp() function could occur. This led to unpredictable results\n during invalid memory access, which could lead to a kernel crash.\n \n * a format string was omitted in the call to the request_module() function.\n \n * a stack overflow caused by an infinite recursion bug in the binfmt_misc\n kernel module was corrected.\n \n * the ata_scsi_rbuf_get() and ata_scsi_rbuf_put() functions now check for\n scatterlist usage before calling kmap_atomic().\n \n * a sentinel NUL byte was added to the device_write() function to ensure\n that lspace.name is NUL-terminated.\n \n * in the character device driver, a range_is_allowed() check was added to\n the read_mem() and write_mem() functions. It was possible for an\n illegitimate application to b ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2008-November/msg00001.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870061\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2008:0957-02\");\n script_cve_id(\"CVE-2006-5755\", \"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\");\n script_name( \"RedHat Update for kernel RHSA-2008:0957-02\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~92.1.17.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:14", "description": "Oracle Linux Local Security Checks ELSA-2008-0957", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2008-0957", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-5907", "CVE-2008-2372", "CVE-2008-3527", "CVE-2006-5755", "CVE-2008-3276", "CVE-2008-4210", "CVE-2008-4302", "CVE-2008-3833"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122545", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122545", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2008-0957.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122545\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:43 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2008-0957\");\n script_tag(name:\"insight\", value:\"ELSA-2008-0957 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2008-0957\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2008-0957.html\");\n script_cve_id(\"CVE-2007-5907\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3527\", \"CVE-2008-3833\", \"CVE-2008-4210\", \"CVE-2008-4302\", \"CVE-2006-5755\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~92.1.17.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5PAE~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5PAE~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5debug~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5debug~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5xen~1.2.9~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~92.1.17.0.1.el5xen~1.4.1~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.17.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.17.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.17.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~92.1.17.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-24T12:50:23", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1687-1.", "cvss3": {}, "published": "2008-12-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1687-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-5029", "CVE-2008-3527", "CVE-2008-5079", "CVE-2008-5025", "CVE-2008-4576", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-4934"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:62957", "href": "http://plugins.openvas.org/nasl.php?oid=62957", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1687_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1687-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. For details,\nplease visit the referenced security advisories.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-23etch1.\n\nWe recommend that you upgrade your linux-2.6, fai-kernels, and\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1687-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201687-1\";\n\n\nif(description)\n{\n script_id(62957);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-23 18:28:16 +0100 (Tue, 23 Dec 2008)\");\n script_cve_id(\"CVE-2008-3527\", \"CVE-2008-3528\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5079\", \"CVE-2008-5300\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1687-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.18\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.18\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.18\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.18\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.18\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.18-6\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-legacy\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-alpha\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-alpha\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-alpha-generic\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"fai-kernels\", ver:\"1.17+etch.23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-rpc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-iop32x\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-arm\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s3c2410\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-ixp4xx\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-footbridge\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-hppa\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-parisc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-parisc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"user-mode-linux\", ver:\"2.6.18-1um-2etch.23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-k7\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.18-6-xen-vserver-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686-bigmem\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-i386\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-k7\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-486\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-xen-686\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-ia64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-itanium\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-mckinley\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-qemu\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mips\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-ip32\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-ip22\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sb1-bcm91250a\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sb1a-bcm91480b\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r5k-cobalt\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-r3k-kn02\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-r4k-kn04\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-mipsel\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-powerpc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-miboot\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-prep\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-powerpc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-powerpc-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390-tape\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-s390x\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-s390\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-s390x\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-vserver-sparc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-all-sparc\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.18-6-sparc32\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.18-6-sparc64-smp\", ver:\"2.6.18.dfsg.1-23etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:12", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-659-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-659-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3525", "CVE-2008-4445", "CVE-2008-2372", "CVE-2008-3535", "CVE-2008-4113", "CVE-2008-3792", "CVE-2008-3276", "CVE-2008-3534", "CVE-2007-6716", "CVE-2008-3915", "CVE-2008-3526"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840224", "href": "http://plugins.openvas.org/nasl.php?oid=840224", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_659_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-659-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the direct-IO subsystem did not correctly validate\n certain structures. A local attacker could exploit this to cause a system\n crash, leading to a denial of service. (CVE-2007-6716)\n\n It was discovered that the disabling of the ZERO_PAGE optimization could\n lead to large memory consumption. A local attacker could exploit this to\n allocate all available memory, leading to a denial of service.\n (CVE-2008-2372)\n \n It was discovered that the Datagram Congestion Control Protocol (DCCP) did\n not correctly validate its arguments. If DCCP was in use, a remote attacker\n could send specially crafted network traffic and cause a system crash,\n leading to a denial of service. (CVE-2008-3276)\n \n It was discovered that the SBNI WAN driver did not correctly check for the\n NET_ADMIN capability. A malicious local root user lacking CAP_NET_ADMIN\n would be able to change the WAN device configuration, leading to a denial\n of service. (CVE-2008-3525)\n \n It was discovered that the Stream Control Transmission Protocol (SCTP) did\n not correctly validate the key length in the SCTP_AUTH_KEY option. If SCTP\n is in use, a remote attacker could send specially crafted network traffic\n that would crash the system, leading to a denial of service.\n (CVE-2008-3526)\n \n It was discovered that the tmpfs implementation did not correctly handle\n certain sequences of inode operations. A local attacker could exploit this\n to crash the system, leading to a denial of service. (CVE-2008-3534)\n \n It was discovered that the readv/writev functions did not correctly handle\n certain sequences of file operations. A local attacker could exploit this\n to crash the system, leading to a denial of service. (CVE-2008-3535)\n \n It was discovered that SCTP did not correctly validate its userspace\n arguments. A local attacker could call certain sctp_* functions with\n malicious options and cause a system crash, leading to a denial of service.\n (CVE-2008-3792, CVE-2008-4113, CVE-2008-4445)\n \n Johann Dahm and David Richter discovered that NFSv4 did not correctly\n handle certain file ACLs. If NFSv4 is in use, a local attacker could create\n a malicious ACL that could cause a system crash, leading to a denial of\n service. (CVE-2008-3915)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-659-1\";\ntag_affected = \"linux, linux-source-2.6.15/22 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 7.10 ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-659-1/\");\n script_id(840224);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"659-1\");\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-2372\", \"CVE-2008-3276\", \"CVE-2008-3525\", \"CVE-2008-3526\", \"CVE-2008-3534\", \"CVE-2008-3535\", \"CVE-2008-3792\", \"CVE-2008-3915\", \"CVE-2008-4113\", \"CVE-2008-4445\");\n script_name( \"Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-659-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-52-386_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-52-686_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-52-k7_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-52-server-bigiron_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-52-server_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-52_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-52-386_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-52-686_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-52-k7_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-52-server-bigiron_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-52-server_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.15_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.15_2.6.15-52.73\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21-386_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21-generic_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21-openvz_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21-rt_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21-server_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21-virtual_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21-xen_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-21-386_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-21-generic_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-21-server_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-21-virtual_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-21-386_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-21-generic_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-21-server_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-21-virtual_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-21-openvz_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-21-rt_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-21-xen_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.24_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-21_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.24_2.6.24-21.43\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15-386_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15-generic_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15-rt_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15-server_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15-ume_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15-virtual_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15-xen_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-15-386_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-15-generic_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-15-server_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-15-virtual_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-15-386_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-15-generic_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-15-server_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-15-virtual_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-15-rt_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-15-ume_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-15-xen_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.22_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-15_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.22_2.6.22-15.59\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-12T11:20:56", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2009-01-23T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2008:053", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3528", "CVE-2008-3525", "CVE-2008-4445", "CVE-2008-4618", "CVE-2008-4113", "CVE-2008-4576", "CVE-2008-3792", "CVE-2008-4410", "CVE-2008-3911", "CVE-2008-3526"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850035", "href": "http://plugins.openvas.org/nasl.php?oid=850035", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2008_053.nasl 8050 2017-12-08 09:34:29Z santu $\n#\n# SuSE Update for kernel SUSE-SA:2008:053\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This patch updates the openSUSE 11.0 kernel to the 2.6.25.18 stable\n release.\n\n It also includes bugfixes and security fixes:\n\n CVE-2008-4410: The vmi_write_ldt_entry function in\n arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the\n Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry\n was intended, which allows local users to cause a denial of service\n (persistent application failure) via crafted function calls, related\n to the Java Runtime Environment (JRE) experiencing improper LDT\n selector state.\n\n CVE-2008-4618: Fixed a kernel panic in SCTP while process protocol\n violation parameter.\n\n CVE-2008-3528: The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem image or partition\n that have corrupted dir->i_size and dir->i_blocks, a user performing\n either a read or write operation on the mounted image or partition\n can lead to a possible denial of service by spamming the logfile.\n\n CVE-2008-3526: Integer overflow in the sctp_setsockopt_auth_key\n function in net/sctp/socket.c in the Stream Control Transmission\n Protocol (sctp) implementation in the Linux kernel allows remote\n attackers to cause a denial of service (panic) or possibly have\n unspecified other impact via a crafted sca_keylength field associated\n with the SCTP_AUTH_KEY option.\n\n CVE-2008-3525: Added missing capability checks in sbni_ioctl().\n\n CVE-2008-4576: SCTP in Linux kernel before 2.6.25.18 allows remote\n attackers to cause a denial of service (OOPS) via an INIT-ACK\n that states the peer does not support AUTH, which causes the\n sctp_process_init function to clean up active transports and triggers\n the OOPS when the T1-Init timer expires.\n\n CVE-2008-4445: The sctp_auth_ep_set_hmacs function in net/sctp/auth.c\n in the Stream Control Transmission Protocol (sctp) implementation\n in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension\n is enabled, does not verify that the identifier index is within the\n bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users\n to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL\n request involving the sctp_getsockopt function.\n\n CVE-2008-3792: net/sctp/socket.c in the Stream Control Transmission\n Pro ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_impact = \"remote denial of service\";\ntag_affected = \"kernel on openSUSE 11.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_id(850035);\n script_version(\"$Revision: 8050 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-23 16:44:26 +0100 (Fri, 23 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2008-053\");\n script_cve_id(\"CVE-2008-3525\", \"CVE-2008-3526\", \"CVE-2008-3528\", \"CVE-2008-3792\", \"CVE-2008-3911\", \"CVE-2008-4113\", \"CVE-2008-4410\", \"CVE-2008-4445\", \"CVE-2008-4576\", \"CVE-2008-4618\");\n script_name( \"SuSE Update for kernel SUSE-SA:2008:053\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-rt_debug\", rpm:\"kernel-rt_debug~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.25.18~0.2\", rls:\"openSUSE11.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:18", "description": "The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1681-1.", "cvss3": {}, "published": "2008-12-10T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1681-1 (linux-2.6.24)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-3528", "CVE-2008-5029", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-4618", "CVE-2008-5025", "CVE-2008-4576", "CVE-2008-5300", "CVE-2008-4933", "CVE-2008-4934"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:62843", "href": "http://plugins.openvas.org/nasl.php?oid=62843", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1681_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1681-1 (linux-2.6.24)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2008-3528\n\nEugene Teo reported a local DoS issue in the ext2 and ext3\nfilesystems. Local users who have been granted the privileges\nnecessary to mount a filesystem would be able to craft a corrupted\nfilesystem that causes the kernel to output error messages in an\ninfinite loop.\n\nCVE-2008-4554\n\nMilos Szeredi reported that the usage of splice() on files opened\nwith O_APPEND allows users to write to the file at arbitrary\noffsets, enabling a bypass of possible assumed semantics of the\nO_APPEND flag.\n\nCVE-2008-4576\n\nVlad Yasevich reported an issue in the SCTP subsystem that may\nallow remote users to cause a local DoS by triggering a kernel\noops.\n\nCVE-2008-4618\n\nWei Yongjun reported an issue in the SCTP subsystem that may allow\nremote users to cause a local DoS by triggering a kernel panic.\n\nCVE-2008-4933\n\nEric Sesterhenn reported a local DoS issue in the hfsplus\nfilesystem. Local users who have been granted the privileges\nnecessary to mount a filesystem would be able to craft a corrupted\nfilesystem that causes the kernel to overrun a buffer, resulting\nin a system oops or memory corruption.\n\nCVE-2008-4934\n\nEric Sesterhenn reported a local DoS issue in the hfsplus\nfilesystem. Local users who have been granted the privileges\nnecessary to mount a filesystem would be able to craft a corrupted\nfilesystem that results in a kernel oops due to an unchecked\nreturn value.\n\nCVE-2008-5025\n\nEric Sesterhenn reported a local DoS issue in the hfs filesystem.\nLocal users who have been granted the privileges necessary to\nmount a filesystem would be able to craft a filesystem with a\ncorrupted catalog name length, resulting in a system oops or\nmemory corruption.\n\nCVE-2008-5029\n\nAndrea Bittau reported a DoS issue in the unix socket subsystem\nthat allows a local user to cause memory corruption, resulting in\na kernel panic.\n\nCVE-2008-5134\n\nJohannes Berg reported a remote DoS issue in the libertas wireless\ndriver, which can be triggered by a specially crafted beacon/probe\nresponse.\n\nCVE-2008-5182\n\nAl Viro reported race conditions in the inotify subsystem that may\nallow local users to acquire elevated privileges.\n\nCVE-2008-5300\n\nDann Frazier reported a DoS condition that allows local users to\ncause the out of memory handler to kill off privileged processes\nor trigger soft lockups due to a starvation issue in the unix\nsocket subsystem.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.7.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1681-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201681-1\";\n\n\nif(description)\n{\n script_id(62843);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-12-10 05:23:56 +0100 (Wed, 10 Dec 2008)\");\n script_cve_id(\"CVE-2008-3528\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5134\", \"CVE-2008-5182\", \"CVE-2008-5300\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1681-1 (linux-2.6.24)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.24\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.24\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.24-etchnhalf.1\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.24\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-common\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-footbridge\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-iop32x\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-s390x\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-s390\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390x\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sparc64\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", ver:\"2.6.24-6~etchnhalf.7\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:07", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-679-1", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-679-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4554", "CVE-2008-5029", "CVE-2008-3831", "CVE-2007-5498", "CVE-2008-5033", "CVE-2008-4618", "CVE-2008-5025", "CVE-2008-4576", "CVE-2008-4933", "CVE-2008-4210", "CVE-2008-4934"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840288", "href": "http://plugins.openvas.org/nasl.php?oid=840288", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_679_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-679-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the Xen hypervisor block driver did not correctly\n validate requests. A user with root privileges in a guest OS could make a\n malicious IO request with a large number of blocks that would crash the\n host OS, leading to a denial of service. This only affected Ubuntu 7.10.\n (CVE-2007-5498)\n\n It was discovered the the i915 video driver did not correctly validate\n memory addresses. A local attacker could exploit this to remap memory that\n could cause a system crash, leading to a denial of service. This issue did\n not affect Ubuntu 6.06 and was previous fixed for Ubuntu 7.10 and 8.04 in\n USN-659-1. Ubuntu 8.10 has now been corrected as well. (CVE-2008-3831)\n \n David Watson discovered that the kernel did not correctly strip permissions\n when creating files in setgid directories. A local user could exploit this\n to gain additional group privileges. This issue only affected Ubuntu 6.06.\n (CVE-2008-4210)\n \n Olaf Kirch and Miklos Szeredi discovered that the Linux kernel did\n not correctly reject the "append" flag when handling file splice\n requests. A local attacker could bypass append mode and make changes to\n arbitrary locations in a file. This issue only affected Ubuntu 7.10 and\n 8.04. (CVE-2008-4554)\n \n It was discovered that the SCTP stack did not correctly handle INIT-ACK. A\n remote user could exploit this by sending specially crafted SCTP traffic\n which would trigger a crash in the system, leading to a denial of service.\n This issue did not affect Ubuntu 8.10. (CVE-2008-4576)\n \n It was discovered that the SCTP stack did not correctly handle bad packet\n lengths. A remote user could exploit this by sending specially crafted SCTP\n traffic which would trigger a crash in the system, leading to a denial of\n service. This issue did not affect Ubuntu 8.10. (CVE-2008-4618)\n \n Eric Sesterhenn discovered multiple flaws in the HFS+ filesystem. If a\n local user or automated system were tricked into mounting a malicious HFS+\n filesystem, the system could crash, leading to a denial of service.\n (CVE-2008-4933, CVE-2008-4934, CVE-2008-5025)\n \n It was discovered that the Unix Socket handler did not correctly process\n the SCM_RIGHTS message. A local attacker could make a malicious socket\n request that would crash the system, leading to a denial of service.\n (CVE-2008-5029)\n \n It was discovered that the driver for simple i2c audio interfaces did not\n correctly validate certain function pointers. A local user could exploit\n this to gain root privileges or crash the system, leading to a denial of\n service. (CVE-2008-5033)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-679-1\";\ntag_affected = \"linux, linux-source-2.6.15/22 vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 7.10 ,\n Ubuntu 8.04 LTS ,\n Ubuntu 8.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-679-1/\");\n script_id(840288);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"679-1\");\n script_cve_id(\"CVE-2007-5498\", \"CVE-2008-3831\", \"CVE-2008-4210\", \"CVE-2008-4554\", \"CVE-2008-4576\", \"CVE-2008-4618\", \"CVE-2008-4933\", \"CVE-2008-4934\", \"CVE-2008-5025\", \"CVE-2008-5029\", \"CVE-2008-5033\");\n script_name( \"Ubuntu Update for linux, linux-source-2.6.15/22 vulnerabilities USN-679-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.15-53-386_2.6.15-53.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.15-53-686_2.6.15-53.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.15-53-k7_2.6.15-53.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.15-53-server-bigiron_2.6.15-53.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.15-53-server_2.6.15-53.11\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-53-386_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-53-686_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-53-k7_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-53-server-bigiron_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-53-server_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.15-53_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-53-386_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-53-686_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-53-k7_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-53-server-bigiron_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.15-53-server_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-kernel-source\", ver:\"3.11+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-kernel-source\", ver:\"8.25.18+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-kernel-source\", ver:\"1.0.8776+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-legacy-kernel-source\", ver:\"1.0.7174+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-firmware\", ver:\"2.6.15-53_3.11+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-control\", ver:\"8.25.18+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.15-53-386_2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.15-53-686_2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.15-53-k7_2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-dev\", ver:\"1.0.8776+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy-dev\", ver:\"1.0.7174+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy\", ver:\"1.0.7174+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx\", ver:\"1.0.8776+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx-dev\", ver:\"7.0.0-8.25.18+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx\", ver:\"7.0.0-8.25.18+2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.15_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.15_2.6.15-53.74\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules-common\", ver:\"2.6.15.12-53.4\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.27-9-generic_2.6.27-9.5\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.27-9-server_2.6.27-9.5\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.27-9-generic_2.6.27-9.5\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.27-9-server_2.6.27-9.5\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.27-9-generic_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.27-9-server_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.27-9-generic_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.27-9-server_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.27-9-virtual_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.27-9-generic_2.6.27-9.13\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.27-9-server_2.6.27-9.13\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.27_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.27-9_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.27_2.6.27-9.19\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules-common\", ver:\"2.6.27-9.13\", rls:\"UBUNTU8.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.24-22-386_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.24-22-generic_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.24-22-server_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.24-22-virtual_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.24-22-386_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.24-22-generic_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.24-22-server_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.24-22-virtual_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lum\", ver:\"2.6.24-22-386_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lum\", ver:\"2.6.24-22-generic_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lum\", ver:\"2.6.24-22-server_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lum\", ver:\"2.6.24-22-virtual_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.24-22-386_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.24-22-generic_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.24-22-server_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.24-22-virtual_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22-386_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22-generic_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22-openvz_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22-rt_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22-server_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22-virtual_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22-xen_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-22-386_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-22-generic_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-22-server_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-22-virtual_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-22-386_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-22-generic_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-22-server_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.24-22-virtual_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-kernel-source_8-3+2.6.24.14\", ver:\"22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.24-22-openvz_2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.24-22-rt_2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.24-22-xen_2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy-dev\", ver:\"71.86.04+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy\", ver:\"71.86.04+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-kernel-source\", ver:\"96.43.05+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-legacy-kernel-source\", ver:\"71.86.04+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-firmware\", ver:\"2.6.24-22_3.11+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-kernel-source\", ver:\"3.11+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-amdcccle\", ver:\"2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-control_8-3+2.6.24.14\", ver:\"22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.24-22-386_2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.24-22-generic_2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.24-22-server_2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-dev\", ver:\"96.43.05+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-new-dev\", ver:\"169.12+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-new\", ver:\"169.12+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx\", ver:\"96.43.05+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-new-kernel-source\", ver:\"169.12+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx-dev\", ver:\"7.1.0-8-3+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx\", ver:\"7.1.0-8-3+2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.24-22-openvz_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.24-22-rt_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.24-22-xen_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.24-22-openvz_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.24-22-rt_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lbm\", ver:\"2.6.24-22-xen_2.6.24-22.29\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lum\", ver:\"2.6.24-22-openvz_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lum\", ver:\"2.6.24-22-rt_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-lum\", ver:\"2.6.24-22-xen_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.24-22-openvz_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.24-22-rt_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.24-22-xen_2.6.24-22.35\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-22-openvz_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-22-rt_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.24-22-xen_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.24_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.24-22_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.24_2.6.24-22.45\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules-common\", ver:\"2.6.24.14-22.53\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.22-16-386_2.6.22-16.17\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.22-16-generic_2.6.22-16.17\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.22-16-server_2.6.22-16.17\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16-386_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16-generic_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16-rt_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16-server_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16-ume_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16-virtual_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16-xen_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-16-386_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-16-generic_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-16-server_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-16-virtual_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-16-386_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-16-generic_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-16-server_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug\", ver:\"2.6.22-16-virtual_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.22-16-386_2.6.22-16.41\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.22-16-generic_2.6.22-16.41\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.22-16-server_2.6.22-16.41\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.22-16-virtual_2.6.22-16.41\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-kernel-source\", ver:\"3.11+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-kernel-source\", ver:\"8.37.6+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.22-16-rt_2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.22-16-xen_2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy-dev\", ver:\"1.0.7185+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-legacy\", ver:\"1.0.7185+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-kernel-source\", ver:\"1.0.9639+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-legacy-kernel-source\", ver:\"1.0.7185+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"avm-fritz-firmware\", ver:\"2.6.22-16_3.11+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fglrx-control\", ver:\"8.37.6+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.22-16-386_2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules\", ver:\"2.6.22-16-generic_2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-dev\", ver:\"1.0.9639+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-new-dev\", ver:\"100.14.19+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx-new\", ver:\"100.14.19+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-glx\", ver:\"1.0.9639+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nvidia-new-kernel-source\", ver:\"100.14.19+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx-dev\", ver:\"7.1.0-8.37.6+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xorg-driver-fglrx\", ver:\"7.1.0-8.37.6+2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.22-16-rt_2.6.22-16.17\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.22-16-ume_2.6.22-16.17\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-backports-modules\", ver:\"2.6.22-16-xen_2.6.22-16.17\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-16-rt_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-16-ume_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image\", ver:\"2.6.22-16-xen_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.22-16-rt_2.6.22-16.41\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.22-16-ume_2.6.22-16.41\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ubuntu-modules\", ver:\"2.6.22-16-xen_2.6.22-16.41\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.22_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers\", ver:\"2.6.22-16_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source\", ver:\"2.6.22_2.6.22-16.60\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-restricted-modules-common\", ver:\"2.6.22.4-16.12\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:35", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0001.\n\nFor details, please visit the referenced security advisories.\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should\nupgrade to these updated packages which address these vulnerabilities. For\nthis update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2009-01-13T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0001", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63132", "href": "http://plugins.openvas.org/nasl.php?oid=63132", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0001.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0001 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0001.\n\nFor details, please visit the referenced security advisories.\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should\nupgrade to these updated packages which address these vulnerabilities. For\nthis update to take effect, the system must be rebooted.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63132);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0001\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0001.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:0001-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880937", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880937", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0001-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-February/015576.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880937\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2009:0001-01\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\",\n \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\",\n \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_name(\"CentOS Update for kernel CESA-2009:0001-01 centos2 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS2\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 2\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n These updated packages fix the following security issues:\n\n * a flaw was found in the IPv4 forwarding base. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2007-2172,\n Important)\n\n * a flaw was found in the handling of process death signals. This allowed a\n local, unprivileged user to send arbitrary signals to the suid-process\n executed by that user. Successful exploitation of this flaw depends on the\n structure of the suid-program and its signal handling. (CVE-2007-3848,\n Important)\n\n * when accessing kernel memory locations, certain Linux kernel drivers\n registering a fault handler did not perform required range checks. A local,\n unprivileged user could use this flaw to gain read or write access to\n arbitrary kernel memory, or possibly cause a denial of service.\n (CVE-2008-0007, Important)\n\n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n * missing capability checks were found in the SBNI WAN driver which could\n allow a local, unprivileged user to bypass intended capability\n restrictions. (CVE-2008-3525, Important)\n\n * a flaw was found in the way files were written using truncate() or\n ftruncate(). This could allow a local, unprivileged user to acquire the\n privileges of a different group and obtain access to sensitive information.\n (CVE-2008-4210, Important)\n\n * a race condition in the mincore system core allowed a local, unprivileged\n user to cause a denial of service. (CVE-2006-4814, Moderate)\n\n * a flaw was found in the aacraid SCSI driver. This allowed a local,\n unprivileged user to make ioctl calls to the driver which should otherwise\n be restricted to privileged users. (CVE-2007-4308, Moderate)\n\n * two buffer overflow flaws were found in the Integrated Services Digital\n Network (ISDN) subsystem. A local, unprivileged user could use these flaws\n to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n\n * a flaw was found in the way core dump files were created. If a local,\n unprivileged user could make a root-owned process dump a core file into a\n user-writable directory, the user could gain read access to that core file,\n potentially compromising sensitive information. (CVE-2007-6206, Moderate)\n\n * a deficiency was found in the Linux kernel virtual file system (VFS)\n implementation. This could allow a local, unprivileged ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-25T10:57:00", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0001-01.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0001-01 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63344", "href": "http://plugins.openvas.org/nasl.php?oid=63344", "sourceData": "#CESA-2009:0001-01 63344 1\n# $Id: ovcesa2009_0001_01.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0001-01 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0001-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0001\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0001-01.\";\n\n\n\nif(description)\n{\n script_id(63344);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:0001-01 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:07", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0001.\n\nFor details, please visit the referenced security advisories.\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should\nupgrade to these updated packages which address these vulnerabilities. For\nthis update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2009-01-13T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0001", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063132", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063132", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0001.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0001 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2009:0001.\n\nFor details, please visit the referenced security advisories.\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should\nupgrade to these updated packages which address these vulnerabilities. For\nthis update to take effect, the system must be rebooted.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63132\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0001\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0001.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:02", "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0001-01.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0001-01 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063344", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063344", "sourceData": "#CESA-2009:0001-01 63344 1\n# $Id: ovcesa2009_0001_01.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0001-01 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0001-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0001\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0001-01.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63344\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:0001-01 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:55", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:0001-01 centos2 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880937", "href": "http://plugins.openvas.org/nasl.php?oid=880937", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0001-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n These updated packages fix the following security issues:\n \n * a flaw was found in the IPv4 forwarding base. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2007-2172,\n Important)\n \n * a flaw was found in the handling of process death signals. This allowed a\n local, unprivileged user to send arbitrary signals to the suid-process\n executed by that user. Successful exploitation of this flaw depends on the\n structure of the suid-program and its signal handling. (CVE-2007-3848,\n Important)\n \n * when accessing kernel memory locations, certain Linux kernel drivers\n registering a fault handler did not perform required range checks. A local,\n unprivileged user could use this flaw to gain read or write access to\n arbitrary kernel memory, or possibly cause a denial of service.\n (CVE-2008-0007, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local, unprivileged user to bypass intended capability\n restrictions. (CVE-2008-3525, Important)\n \n * a flaw was found in the way files were written using truncate() or\n ftruncate(). This could allow a local, unprivileged user to acquire the\n privileges of a different group and obtain access to sensitive information.\n (CVE-2008-4210, Important)\n \n * a race condition in the mincore system core allowed a local, unprivileged\n user to cause a denial of service. (CVE-2006-4814, Moderate)\n \n * a flaw was found in the aacraid SCSI driver. This allowed a local,\n unprivileged user to make ioctl calls to the driver which should otherwise\n be restricted to privileged users. (CVE-2007-4308, Moderate)\n \n * two buffer overflow flaws were found in the Integrated Services Digital\n Network (ISDN) subsystem. A local, unprivileged user could use these flaws\n to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n \n * a flaw was found in the way core dump files were created. If a local,\n unprivileged user could make a root-owned process dump a core file into a\n user-writable directory, the user could gain read access to that core file,\n potentially compromising sensitive information. (CVE-2007-6206, Moderate)\n \n * a deficiency was found in the Linux kernel virtual file system (VFS)\n implementation. This could allow a local, unprivileged ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 2\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-February/015576.html\");\n script_id(880937);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:0001-01\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \n \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \n \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_name(\"CentOS Update for kernel CESA-2009:0001-01 centos2 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:39", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2008:0787.", "cvss3": {}, "published": "2009-01-07T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2008:0787", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2006-4538", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063097", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063097", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2008_0787.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2008:0787 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nAll users of Red Hat Enterprise Linux 2.1 on 64-bit architectures should\nupgrade to these updated packages, which contain backported patches to\nresolve these issues.\";\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2008:0787.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\n\nhttp://rhn.redhat.com/errata/RHSA-2008-0787.html\nhttp://www.redhat.com/security/updates/classification/#important\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63097\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-07 23:16:01 +0100 (Wed, 07 Jan 2009)\");\n script_cve_id(\"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2006-4814\", \"CVE-2007-4308\", \"CVE-2007-2172\", \"CVE-2007-6063\", \"CVE-2007-6206\", \"CVE-2007-6151\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2008:0787\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:50", "description": "The remote host is missing updates to the kernel announced in\nadvisory RHSA-2008:0787.", "cvss3": {}, "published": "2009-01-07T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2008:0787", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2006-4538", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63097", "href": "http://plugins.openvas.org/nasl.php?oid=63097", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2008_0787.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2008:0787 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed with this update, please\nvisit the referenced security advisories.\n\nAll users of Red Hat Enterprise Linux 2.1 on 64-bit architectures should\nupgrade to these updated packages, which contain backported patches to\nresolve these issues.\";\ntag_summary = \"The remote host is missing updates to the kernel announced in\nadvisory RHSA-2008:0787.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\n\nhttp://rhn.redhat.com/errata/RHSA-2008-0787.html\nhttp://www.redhat.com/security/updates/classification/#important\";\n\n\n\nif(description)\n{\n script_id(63097);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-07 23:16:01 +0100 (Wed, 07 Jan 2009)\");\n script_cve_id(\"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2006-4814\", \"CVE-2007-4308\", \"CVE-2007-2172\", \"CVE-2007-6063\", \"CVE-2007-6206\", \"CVE-2007-6151\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2008:0787\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.18~e.67\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2023-05-18T14:46:52", "description": "This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes various bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified other impact, by creating an executable file in a setgid directory through the (1) truncate or (2) ftruncate function in conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.", "cvss3": {}, "published": "2008-12-03T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5734)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5734.NASL", "href": "https://www.tenable.com/plugins/nessus/35026", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35026);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 5734)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This patch updates the SUSE Linux Enterprise 10 SP1 kernel. It fixes\nvarious bugs and security issues.\n\nThe following security issues are addressed :\n\n - fs/open.c in the Linux kernel before 2.6.22 does not\n properly strip setuid and setgid bits when there is a\n write to a file, which allows local users to gain the\n privileges of a different group, and obtain sensitive\n information or possibly have unspecified other impact,\n by creating an executable file in a setgid directory\n through the (1) truncate or (2) ftruncate function in\n conjunction with memory-mapped I/O. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\nAll other bugfixes can be found by looking at the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5734.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/12/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-debug-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-smp-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.16.54-0.2.12\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:1, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.54-0.2.12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:32", "description": "This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid bit to be set via the mode argument even when, due to the bsdgroups mount option or the file being created in a setgid directory, the new file's group is one which the user is not a member of. The local attacker could then use ftruncate() and memory-mapped I/O to turn the new file into an arbitrary binary and thus gain the privileges of this group, since these operations do not clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5667)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5667.NASL", "href": "https://www.tenable.com/plugins/nessus/59132", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59132);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-6716\", \"CVE-2008-1514\", \"CVE-2008-3525\", \"CVE-2008-3528\", \"CVE-2008-4210\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5667)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes\nvarious bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid\n bit to be set via the mode argument even when, due to\n the bsdgroups mount option or the file being created in\n a setgid directory, the new file's group is one which\n the user is not a member of. The local attacker could\n then use ftruncate() and memory-mapped I/O to turn the\n new file into an arbitrary binary and thus gain the\n privileges of this group, since these operations do not\n clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle\n corrupted data structures. With a mounted filesystem\n image or partition that have corrupted dir->i_size and\n dir->i_blocks, a user performing either a read or write\n operation on the mounted image or partition can lead to\n a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a\n denial of service (kernel panic) via the\n user-area-padding test from the ptrace testsuite in\n 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel\n did not properly zero out the dio struct, which allows\n local users to cause a denial of service (OOPS), as\n demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-6716.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1514.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3525.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-3528.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4210.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5667.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.31\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.31\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:08", "description": "This kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and some security problems :\n\n - When creating a file, open()/creat() allowed the setgid bit to be set via the mode argument even when, due to the bsdgroups mount option or the file being created in a setgid directory, the new file's group is one which the user is not a member of. The local attacker could then use ftruncate() and memory-mapped I/O to turn the new file into an arbitrary binary and thus gain the privileges of this group, since these operations do not clear the setgid bit.'. (CVE-2008-4210)\n\n - The ext[234] filesystem code fails to properly handle corrupted data structures. With a mounted filesystem image or partition that have corrupted dir->i_size and dir->i_blocks, a user performing either a read or write operation on the mounted image or partition can lead to a possible denial of service by spamming the logfile.\n (CVE-2008-3528)\n\n - The S/390 ptrace code allowed local users to cause a denial of service (kernel panic) via the user-area-padding test from the ptrace testsuite in 31-bit mode, which triggers an invalid dereference.\n (CVE-2008-1514)\n\n - fs/direct-io.c in the dio subsystem in the Linux kernel did not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. (CVE-2007-6716)\n\n - Added missing capability checks in sbni_ioctl().\n (CVE-2008-3525)\n\nAlso OCFS2 was updated to version v1.4.1-1.\n\nThe full amount of changes can be reviewed in the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5668)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-6716", "CVE-2008-1514", "CVE-2008-3525", "CVE-2008-3528", "CVE-2008-4210"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-5668.NASL", "href": "https://www.tenable.com/plugins/nessus/41535", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(

SuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 5735)

Description

Related