CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
14.1%
The remote host is missing the patch for the advisory SUSE-SA:2003:021 (kernel).
The Linux kernel has a security flaw in all versions used on SUSE products excluding the upcoming SUSE LINUX 8.2 distribution. The flaw is known as ptrace/modprobe bug: The local attacker can use ptrace and attach to a modprobe process that is spawned if the user triggers the loading of a kernel module using the kmod kernel module subsystem.
This can be done by asking for network protocols that are supplied by kernel modules which are not loaded (yet). The vulnerability allows the attacker to execute arbitrary commands as root.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2003:021
#
if ( ! defined_func("bn_random") ) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if(description)
{
script_id(13791);
script_version("1.14");
script_cve_id("CVE-2003-0127");
name["english"] = "SUSE-SA:2003:021: kernel";
script_name(english:name["english"]);
script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch" );
script_set_attribute(attribute:"description", value:
"The remote host is missing the patch for the advisory SUSE-SA:2003:021 (kernel).
The Linux kernel has a security flaw in all versions used on SUSE
products excluding the upcoming SUSE LINUX 8.2 distribution. The flaw
is known as ptrace/modprobe bug: The local attacker can use ptrace and
attach to a modprobe process that is spawned if the user triggers the
loading of a kernel module using the kmod kernel module subsystem.
This can be done by asking for network protocols that are supplied by
kernel modules which are not loaded (yet). The vulnerability allows
the attacker to execute arbitrary commands as root." );
script_set_attribute(attribute:"solution", value:
"http://www.suse.de/security/2003_21_kernel.html" );
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_publication_date", value: "2004/07/25");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_end_attributes();
summary["english"] = "Check for the version of the kernel package";
script_summary(english:summary["english"]);
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.");
family["english"] = "SuSE Local Security Checks";
script_family(english:family["english"]);
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/SuSE/rpm-list");
exit(0);
}
include("rpm.inc");
if ( rpm_check( reference:"kernel-source-2.4.18.SUSE-150", release:"SUSE7.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_smp-2.4.18-244", release:"SUSE7.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_psmp-2.4.18-243", release:"SUSE7.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_i386-2.4.18-237", release:"SUSE7.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_deflt-2.4.18-262", release:"SUSE7.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"kernel-source-2.4.18.SUSE-150", release:"SUSE7.2") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_smp-2.4.18-244", release:"SUSE7.2") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_psmp-2.4.18-243", release:"SUSE7.2") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_i386-2.4.18-237", release:"SUSE7.2") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_deflt-2.4.18-262", release:"SUSE7.2") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"kernel-source-2.4.18.SUSE-150", release:"SUSE7.3") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_smp-2.4.18-244", release:"SUSE7.3") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_psmp-2.4.18-243", release:"SUSE7.3") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_i386-2.4.18-237", release:"SUSE7.3") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_deflt-2.4.18-262", release:"SUSE7.3") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"kernel-source-2.4.18.SUSE-149", release:"SUSE8.0") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_smp-2.4.18-243", release:"SUSE8.0") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_psmp-2.4.18-242", release:"SUSE8.0") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_orig-2.4.18-170", release:"SUSE8.0") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_i386-2.4.18-236", release:"SUSE8.0") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_deflt-2.4.18-261", release:"SUSE8.0") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"kernel-source-2.4.19.SUSE-175", release:"SUSE8.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_smp-2.4.19-257", release:"SUSE8.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_psmp-2.4.19-263", release:"SUSE8.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_deflt-2.4.19-274", release:"SUSE8.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_debug-2.4.19-213", release:"SUSE8.1") )
{
security_hole(0);
exit(0);
}
if ( rpm_check( reference:"k_athlon-2.4.19-263", release:"SUSE8.1") )
{
security_hole(0);
exit(0);
}
if (rpm_exists(rpm:"kernel-", release:"SUSE7.1")
|| rpm_exists(rpm:"kernel-", release:"SUSE7.2")
|| rpm_exists(rpm:"kernel-", release:"SUSE7.3")
|| rpm_exists(rpm:"kernel-", release:"SUSE8.0")
|| rpm_exists(rpm:"kernel-", release:"SUSE8.1") )
{
set_kb_item(name:"CVE-2003-0127", value:TRUE);
}