Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2021 Tenable Network Security, Inc.SUSE_SA_2005_029.NASL
HistoryJun 10, 2005 - 12:00 a.m.

SUSE-SA:2005:029: kernel

2005-06-1000:00:00
This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.
www.tenable.com
17
JSON

The remote host is missing the patch for the advisory SUSE-SA:2005:029 (kernel).

The Linux kernel is the core component of the Linux system.

This update fixes various security as well as non-security problems discovered since the last round of kernel updates.

The following security problems have been fixed:

  • when creating directories on ext2 filesystems the kernel did not zero initialize the memory allocated. Therefore potentially sensitive information could be exposed to users (CVE-2005-0400).

All SUSE LINUX based products are affected.

  • local users can crash the kernel via a crafted ELF library or executable, which causes a free of an invalid pointer (CVE-2005-0749).

All SUSE LINUX based products are affected.

  • local users could gain root access via a bluetooth socket (CVE-2005-0750).

The fix for this problem was missing in SUSE LINUX 9.3 only.

  • local users could gain root access by causing a core dump of specially crafted ELF executables (CVE-2005-1263).

The problem is believed to be not exploitable on any SUSE LINUX based product. The patch is included nevertheless.

  • on the x86-64 platform various bugs allowed local users to crash the kernel or CPU (CVE-2005-0756, CVE-2005-1762, CVE-2005-1764, CVE-2005-1765)

All SUSE LINUX based products on the x86-64 architecture are affected.

  • an overflow in the x86-64 ptrace code allowed local users to write a few bytes into kernel memory pages they normally shouldn’t have access to (CVE-2005-1763).

SLES 9 and SUSE LINUX 9.1-9.3 on the x86-64 architecture are affected.

  • insufficient checks in the 32bit DRM ioctl functions could allow unprivileged local users to gain root access.

SLES 9 and SUSE LINUX 9.1-9.3 on the x86-64 architecture are affected.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2005:029
#


if ( ! defined_func("bn_random") ) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if(description)
{
 script_id(18462);
 script_version("1.9");
 
 name["english"] = "SUSE-SA:2005:029: kernel";
 
 script_name(english:name["english"]);
 
 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a vendor-supplied security patch" );
 script_set_attribute(attribute:"description", value:
"The remote host is missing the patch for the advisory SUSE-SA:2005:029 (kernel).


The Linux kernel is the core component of the Linux system.

This update fixes various security as well as non-security problems
discovered since the last round of kernel updates.


The following security problems have been fixed:

- when creating directories on ext2 filesystems the kernel did not
zero initialize the memory allocated. Therefore potentially
sensitive information could be exposed to users (CVE-2005-0400).

All SUSE LINUX based products are affected.

- local users can crash the kernel via a crafted ELF library or
executable, which causes a free of an invalid pointer
(CVE-2005-0749).

All SUSE LINUX based products are affected.

- local users could gain root access via a bluetooth socket
(CVE-2005-0750).

The fix for this problem was missing in SUSE LINUX 9.3 only.

- local users could gain root access by causing a core dump of
specially crafted ELF executables (CVE-2005-1263).

The problem is believed to be not exploitable on any SUSE LINUX
based product. The patch is included nevertheless.

- on the x86-64 platform various bugs allowed local users to crash
the kernel or CPU (CVE-2005-0756, CVE-2005-1762, CVE-2005-1764,
CVE-2005-1765)

All SUSE LINUX based products on the x86-64 architecture are
affected.

- an overflow in the x86-64 ptrace code allowed local users to
write a few bytes into kernel memory pages they normally
shouldn't have access to (CVE-2005-1763).

SLES 9 and SUSE LINUX 9.1-9.3 on the x86-64 architecture are
affected.

- insufficient checks in the 32bit DRM ioctl functions could allow
unprivileged local users to gain root access.

SLES 9 and SUSE LINUX 9.1-9.3 on the x86-64 architecture are
affected." );
 script_set_attribute(attribute:"solution", value:
"http://www.suse.de/security/advisories/2005_29_kernel.html" );
 script_set_attribute(attribute:"risk_factor", value:"High" );



 script_set_attribute(attribute:"plugin_publication_date", value: "2005/06/10");
 script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
 script_end_attributes();

 
 summary["english"] = "Check for the version of the kernel package";
 script_summary(english:summary["english"]);
 
 script_category(ACT_GATHER_INFO);
 
 script_copyright(english:"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.");
 family["english"] = "SuSE Local Security Checks";
 script_family(english:family["english"]);
 
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/SuSE/rpm-list");
 exit(0);
}

include("rpm.inc");
if ( rpm_check( reference:"k_athlon-2.4.20-136", release:"SUSE8.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_deflt-2.4.20-136", release:"SUSE8.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_psmp-2.4.20-136", release:"SUSE8.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_smp-2.4.20-136", release:"SUSE8.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-source-2.4.20.SuSE-136", release:"SUSE8.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"Intel-536ep-4.62-25", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"Intel-v92ham-4.53-25", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_athlon-2.4.21-291", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_deflt-2.4.21-291", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_smp-2.4.21-291", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_smp4G-2.4.21-291", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"k_um-2.4.21-291", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-source-2.4.21-291", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"ltmodem-8.26a-214", release:"SUSE9.0") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-bigsmp-2.6.5-7.155.29", release:"SUSE9.1") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-default-2.6.5-7.155.29", release:"SUSE9.1") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-smp-2.6.5-7.155.29", release:"SUSE9.1") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-source-2.6.5-7.155.29", release:"SUSE9.1") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-syms-2.6.5-7.155.29", release:"SUSE9.1") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"ltmodem-2.6.2-38.15", release:"SUSE9.1") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-docs-2.6.5-7.155.29", release:"SUSE9.1") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"Intel-536ep-4.69-5.9", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-bigsmp-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-bigsmp-nongpl-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-default-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-default-nongpl-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-smp-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-smp-nongpl-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-source-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-syms-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-um-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-um-nongpl-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"ltmodem-8.31a8-6.9", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"um-host-install-initrd-1.0-48.8", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"um-host-kernel-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-docs-2.6.8-24.16", release:"SUSE9.2") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"Intel-536ep-4.69-10.1", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"dprobes-3.6.5-8.2", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-bigsmp-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-bigsmp-nongpl-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-default-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-default-nongpl-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-smp-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-smp-nongpl-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-source-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-syms-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-um-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-um-nongpl-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-xen-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-xen-nongpl-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"ltmodem-8.31a10-7.1", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"um-host-install-initrd-1.0-50.1", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"um-host-kernel-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}
if ( rpm_check( reference:"kernel-docs-2.6.11.4-21.7", release:"SUSE9.3") )
{
 security_hole(0);
 exit(0);
}

Related

suse 3
openvas 9
nessus 27
ubuntu 4
redhat 11
centos 8
cve 9
ubuntucve 9
securityvulns 7
packetstorm 1
exploitdb 1
cert 1
debian 4
osv 2
suse
suse
local privilege escalation in kernel
2005-06-09 11:10:38
local privilege escalation in kernel
2005-04-05 07:25:34
denial of service, local privilege escalation in kernel
2005-09-01 14:31:41
openvas
openvas
SLES9: Security update for kernel
2009-10-10 00:00:00
SLES9: Security update for kernel
2009-10-10 00:00:00
Ubuntu: Security Advisory (USN-103-1)
2022-08-26 00:00:00
nessus
nessus
Ubuntu 4.10 / 5.04 : linux-source-2.6.10, linux-source-2.6.8.1 vulnerabilities (USN-143-1)
2006-01-15 00:00:00
Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-103-1)
2006-01-15 00:00:00
Mandrake Linux Security Advisory : kernel-2.4 (MDKSA-2005:111)
2005-07-01 00:00:00
ubuntu
ubuntu
Linux amd64 kernel vulnerabilities
2005-06-27 00:00:00
Linux kernel vulnerabilities
2005-04-01 00:00:00
Linux kernel vulnerabilities
2005-06-08 00:00:00
redhat
redhat
(RHSA-2005:529) kernel security update
2005-08-25 00:00:00
(RHSA-2005:551) kernel security update
2005-08-25 00:00:00
(RHSA-2005:472) kernel security update
2005-05-25 00:00:00
centos
centos
kernel security update
2005-08-26 03:54:07
kernel security update
2005-05-25 22:54:52
kernel security update
2005-10-05 16:21:56
cve
cve
CVE-2005-1764
2005-10-07 18:02:00
CVE-2005-1763
2005-06-09 04:00:00
CVE-2005-1765
2005-05-31 04:00:00
ubuntucve
ubuntucve
CVE-2005-1764
2005-10-07 00:00:00
CVE-2005-0400
2005-05-02 00:00:00
CVE-2005-1763
2005-06-09 00:00:00
securityvulns
securityvulns
Information leak in the Linux kernel ext2 implementation
2005-04-03 00:00:00
Linux kernel ELF core dump privilege elevation
2005-05-12 00:00:00
local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5
2005-03-28 00:00:00
packetstorm
packetstorm
isec-0023-coredump.txt
2005-08-07 00:00:00
exploitdb
exploitdb
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability 4
2005-10-24 00:00:00
cert
cert
Linux kernel Bluetooth support fails to properly bounds check "protocol" variable
2005-04-05 00:00:00
debian
debian
[SECURITY] [DSA 922-1] New Linux 2.6.8 packages fix several vulnerabilities
2005-12-14 22:34:06
[SECURITY] [DSA 922-1] New Linux 2.6.8 packages fix several vulnerabilities
2005-12-14 22:34:06
[SECURITY] [DSA 921-1] New Linux 2.4.27 packages fix several vulnerabilities
2005-12-14 19:55:57
osv
osv
kernel-source-2.6.8 - several
2005-12-14 00:00:00
kernel-source-2.4.27 - several
2005-12-14 00:00:00
JSON
Related for SUSE_SA_2005_029.NASL
suse3openvas9nessus27ubuntu4redhat11centos8cve9ubuntucve9securityvulns7packetstorm1exploitdb1cert1debian4osv2