Lucene search
Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-1834-1.NASLHistoryMay 25, 2013 - 12:00 a.m.
Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1834-1)
2013-05-2500:00:00
Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
92
A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. (CVE-2013-1929)
A flaw was discovered in the Linux kernel’s ftrace subsystem interface. A local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-3301).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1834-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(66588);
script_version("1.8");
script_cvs_date("Date: 2019/09/19 12:54:29");
script_cve_id("CVE-2013-1929", "CVE-2013-3301");
script_xref(name:"USN", value:"1834-1");
script_name(english:"Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1834-1)");
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"A buffer overflow vulnerability was discovered in the Broadcom tg3
ethernet driver for the Linux kernel. A local user could exploit this
flaw to cause a denial of service (crash the system) or potentially
escalate privileges on the system. (CVE-2013-1929)
A flaw was discovered in the Linux kernel's ftrace subsystem
interface. A local user could exploit this flaw to cause a denial of
service (system crash). (CVE-2013-3301).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/1834-1/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected linux-image-3.5-generic package."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/04/29");
script_set_attribute(attribute:"patch_publication_date", value:"2013/05/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/25");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(12\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
rm_kb_item(name:"Host/uptrack-uname-r");
cve_list = make_list("CVE-2013-1929", "CVE-2013-3301");
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-1834-1");
}
else
{
_ubuntu_report = ksplice_reporting_text();
}
}
flag = 0;
if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.5.0-31-generic", pkgver:"3.5.0-31.52~precise1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.5-generic");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | linux-image-3.5-generic | p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic |
| canonical | ubuntu_linux | 12.04 | cpe:/o:canonical:ubuntu_linux:12.04:-:lts |
Related
openvas
openvas
Ubuntu Update for linux USN-1835-1
2013-05-27 00:00:00
Ubuntu: Security Advisory (USN-1834-1)
2013-05-27 00:00:00
Ubuntu Update for linux-lts-quantal USN-1834-1
2013-05-27 00:00:00
nessus
nessus
Ubuntu 12.10 : linux vulnerabilities (USN-1835-1)
2013-05-25 00:00:00
Ubuntu 12.04 LTS : linux vulnerabilities (USN-1833-1)
2013-05-25 00:00:00
Fedora 18 : kernel-3.8.6-203.fc18 (2013-5368)
2013-04-12 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2013-05-24 00:00:00
Linux kernel (Quantal HWE) vulnerabilities
2013-05-24 00:00:00
Linux kernel (OMAP4) vulnerabilities
2013-05-24 00:00:00
securityvulns
securityvulns
[USN-1833-1] Linux kernel vulnerabilities
2013-05-27 00:00:00
Linux kernel multiple security vulnerabilities
2013-05-27 00:00:00
[ MDVSA-2013:194 ] kernel
2013-07-15 00:00:00
ubuntucve
ubuntucve
CVE-2013-1929
2013-04-09 00:00:00
CVE-2013-3301
2013-04-29 00:00:00
prion
prion
Null pointer dereference
2013-04-29 14:55:00
Heap overflow
2013-06-07 14:03:00
debiancve
debiancve
CVE-2013-3301
2013-04-29 14:55:00
CVE-2013-1929
2013-06-07 14:03:00
cve
cve
CVE-2013-3301
2013-04-29 14:55:00
CVE-2013-1929
2013-06-07 14:03:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:54:56
Information Disclosure
2019-05-02 04:52:18
Denial Of Service (DoS)
2019-05-02 04:52:19
suse
suse
Security update for Linux kernel (important)
2013-09-21 00:04:17
Security update for Linux kernel (important)
2013-09-21 01:04:16
debian
debian
[SECURITY] [DSA 2669-1] linux security update
2013-05-16 02:48:53
[SECURITY] [DSA 2668-1] linux-2.6 security update
2013-05-14 19:14:29
osv
osv
linux - several
2013-05-15 00:00:00
linux-2.6 - several
2013-05-14 00:00:00
redhat
redhat
(RHSA-2013:1034) Low: kernel security and bug fix update
2013-07-10 00:00:00
(RHSA-2013:1080) Moderate: kernel security and bug fix update
2013-07-16 00:00:00
(RHSA-2013:1051) Moderate: kernel security and bug fix update
2013-07-16 00:00:00
centos
centos
kernel security update
2013-07-10 15:50:41
kernel, perf, python security update
2013-07-17 04:56:29
kernel, perf, python security update
2013-11-26 13:32:01
oraclelinux
oraclelinux
kernel security and bug fix update
2013-07-10 00:00:00
kernel security and bug fix update
2013-07-10 00:00:00
unbreakable enterprise kernel security update
2013-07-18 00:00:00
amazon
amazon
Medium: kernel
2013-06-11 22:45:00
Medium: kernel
2013-08-13 21:32:00
altlinux
altlinux
fedora
fedora
[SECURITY] Fedora 18 Update: kernel-3.8.6-203.fc18
2013-04-11 23:33:52
[SECURITY] Fedora 18 Update: kernel-3.8.8-202.fc18
2013-04-19 04:59:13
[SECURITY] Fedora 18 Update: kernel-3.8.8-203.fc18
2013-04-27 00:09:52
Related for UBUNTU_USN-1834-1.NASL