Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-1211-1.NASL
HistorySep 22, 2011 - 12:00 a.m.

Ubuntu 11.04 : linux vulnerabilities (USN-1211-1)

2011-09-2200:00:00
Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
JSON

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. (CVE-2011-1020)

Dan Rosenberg discovered that the X.25 Rose network stack did not correctly handle certain fields. If a system was running with Rose enabled, a remote attacker could send specially crafted traffic to gain root privileges. (CVE-2011-1493)

Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. (CVE-2011-1833)

It was discovered that Bluetooth l2cap and rfcomm did not correctly initialize structures. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy.
(CVE-2011-2492)

It was discovered that GFS2 did not correctly check block sizes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2689)

Fernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service.
(CVE-2011-2699)

The performance counter subsystem did not correctly handle certain counters. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2918)

A flaw was found in the Linux kernel’s /proc/*/map interface. A local, unprivileged user could exploit this flaw to cause a denial of service. (CVE-2011-3637)

Ben Hutchings discovered several flaws in the Linux Rose (X.25 PLP) layer. A local user or a remote user on an X.25 network could exploit these flaws to execute arbitrary code as root. (CVE-2011-4914).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1211-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(56256);
  script_version("1.17");
  script_cvs_date("Date: 2019/10/16 10:34:22");

  script_cve_id("CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1833", "CVE-2011-2492", "CVE-2011-2689", "CVE-2011-2699", "CVE-2011-2918", "CVE-2011-3637", "CVE-2011-4914");
  script_bugtraq_id(46567, 46935, 48441, 48677, 48802, 49152);
  script_xref(name:"USN", value:"1211-1");

  script_name(english:"Ubuntu 11.04 : linux vulnerabilities (USN-1211-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that the /proc filesystem did not correctly handle
permission changes when programs executed. A local attacker could hold
open files to examine details about programs running with higher
privileges, potentially increasing the chances of exploiting
additional vulnerabilities. (CVE-2011-1020)

Dan Rosenberg discovered that the X.25 Rose network stack did not
correctly handle certain fields. If a system was running with Rose
enabled, a remote attacker could send specially crafted traffic to
gain root privileges. (CVE-2011-1493)

Vasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not
correctly check the origin of mount points. A local attacker could
exploit this to trick the system into unmounting arbitrary mount
points, leading to a denial of service. (CVE-2011-1833)

It was discovered that Bluetooth l2cap and rfcomm did not correctly
initialize structures. A local attacker could exploit this to read
portions of the kernel stack, leading to a loss of privacy.
(CVE-2011-2492)

It was discovered that GFS2 did not correctly check block sizes. A
local attacker could exploit this to crash the system, leading to a
denial of service. (CVE-2011-2689)

Fernando Gont discovered that the IPv6 stack used predictable fragment
identification numbers. A remote attacker could exploit this to
exhaust network resources, leading to a denial of service.
(CVE-2011-2699)

The performance counter subsystem did not correctly handle certain
counters. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2011-2918)

A flaw was found in the Linux kernel's /proc/*/*map* interface. A
local, unprivileged user could exploit this flaw to cause a denial of
service. (CVE-2011-3637)

Ben Hutchings discovered several flaws in the Linux Rose (X.25 PLP)
layer. A local user or a remote user on an X.25 network could exploit
these flaws to execute arbitrary code as root. (CVE-2011-4914).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/1211-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:ND");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04");

  script_set_attribute(attribute:"vuln_publication_date", value:"2011/02/28");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/09/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/09/22");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(11\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 11.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2011-1020", "CVE-2011-1493", "CVE-2011-1833", "CVE-2011-2492", "CVE-2011-2689", "CVE-2011-2699", "CVE-2011-2918", "CVE-2011-3637", "CVE-2011-4914");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-1211-1");
  }
  else
  {
    _ubuntu_report = ksplice_reporting_text();
  }
}

flag = 0;

if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-11-generic", pkgver:"2.6.38-11.50")) flag++;
if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-11-generic-pae", pkgver:"2.6.38-11.50")) flag++;
if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-11-server", pkgver:"2.6.38-11.50")) flag++;
if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-11-versatile", pkgver:"2.6.38-11.50")) flag++;
if (ubuntu_check(osver:"11.04", pkgname:"linux-image-2.6.38-11-virtual", pkgver:"2.6.38-11.50")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-2.6-generic / linux-image-2.6-generic-pae / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxlinux-image-2.6-genericp-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic
canonicalubuntu_linuxlinux-image-2.6-generic-paep-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae
canonicalubuntu_linuxlinux-image-2.6-serverp-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server
canonicalubuntu_linuxlinux-image-2.6-versatilep-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile
canonicalubuntu_linuxlinux-image-2.6-virtualp-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual
canonicalubuntu_linux11.04cpe:/o:canonical:ubuntu_linux:11.04

Related

ubuntu 18
openvas 67
securityvulns 3
nessus 45
prion 9
veracode 7
ubuntucve 9
packetstorm 2
cve 9
seebug 1
redhat 8
amazon 1
debiancve 1
oraclelinux 6
suse 8
centos 2
osv 1
debian 2
ubuntu
ubuntu
Linux kernel vulnerabilities
2011-09-21 00:00:00
Linux kernel (Maverick backport) vulnerabilities
2011-09-13 00:00:00
Linux kernel vulnerabilities
2011-09-13 00:00:00
openvas
openvas
Ubuntu Update for linux USN-1211-1
2011-09-23 00:00:00
Ubuntu Update for linux USN-1211-1
2011-09-23 00:00:00
Ubuntu Update for linux USN-1201-1
2011-09-16 00:00:00
securityvulns
securityvulns
[USN-1211-1] Linux kernel vulnerabilities
2011-09-26 00:00:00
Linux kernel multiple security vulnerabilities
2011-09-26 00:00:00
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-13 00:00:00
nessus
nessus
Ubuntu 10.10 : linux vulnerabilities (USN-1201-1)
2011-09-14 00:00:00
Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1205-1)
2011-09-14 00:00:00
Ubuntu 8.04 LTS : linux vulnerabilities (USN-1189-1)
2011-08-20 00:00:00
prion
prion
Out-of-bounds
2012-06-21 23:55:00
Design/Logic Flaw
2012-05-24 23:55:00
Design/Logic Flaw
2012-05-24 23:55:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:08:18
Denial Of Service (DoS)
2020-04-10 01:03:43
Denial Of Service (DoS)
2020-04-10 01:05:39
ubuntucve
ubuntucve
CVE-2011-2918
2011-08-25 00:00:00
CVE-2011-2689
2011-07-28 00:00:00
CVE-2011-4914
2012-01-04 00:00:00
packetstorm
packetstorm
Linux Kernel perf_count_sw_cpu_clock Denial Of Service
2011-09-01 00:00:00
Linux Kernel 2.6.32 Privilege Escalation
2017-04-01 00:00:00
cve
cve
CVE-2011-2918
2012-05-24 23:55:00
CVE-2011-4914
2012-06-21 23:55:00
CVE-2011-3637
2012-05-17 11:00:00
seebug
seebug
Linux Kernel GFS2 &quot;gfs2_fallocate()&quot; 拒绝服务漏洞
2011-07-17 00:00:00
redhat
redhat
(RHSA-2012:0116) Moderate: kernel security and bug fix update
2012-02-14 00:00:00
(RHSA-2012:0007) Important: kernel security, bug fix, and enhancement update
2012-01-10 00:00:00
(RHSA-2011:1065) Important: Red Hat Enterprise Linux 5.7 kernel security and bug fix update
2011-07-21 00:00:00
amazon
amazon
Medium: kernel
2011-10-31 18:26:00
debiancve
debiancve
CVE-2011-1833
2012-10-03 11:02:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2011-10-05 00:00:00
kernel security, bug fix, and enhancement update
2012-01-11 00:00:00
Oracle Linux 6 kernel security, bug fix and enhancement update
2011-12-14 00:00:00
suse
suse
remote denial of service in kernel
2011-12-13 17:34:50
Security update for Linux kernel (important)
2011-12-13 19:08:30
Security update for Linux kernel (important)
2011-12-14 08:08:27
centos
centos
kernel security update
2012-01-11 19:18:33
kernel security update
2011-09-01 16:11:24
osv
osv
linux-2.6 - several issues
2011-09-10 00:00:00
debian
debian
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression
2011-09-11 02:06:57
[SECURITY] [DSA 2303-1] linux-2.6 security update
2011-09-08 21:31:02
JSON
Related for UBUNTU_USN-1211-1.NASL
ubuntu18openvas67securityvulns3nessus45prion9veracode7ubuntucve9packetstorm2cve9seebug1redhat8amazon1debiancve1oraclelinux6suse8centos2osv1debian2