Lucene search

K

Ubuntu 13.10 : linux vulnerabilities (USN-2049-1)

Ubuntu 13.10 Linux kernel vulnerabilities: network sysctl, dm snapshot, tuntap interface, IPv6 SCTP, IPv6 UDP Fragmentation Offloa

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
OpenVAS
Ubuntu Update for linux USN-2049-1
17 Dec 201300:00
openvas
OpenVAS
Ubuntu Update for linux-lts-raring USN-2041-1
4 Dec 201300:00
openvas
OpenVAS
Ubuntu Update for linux USN-2045-1
4 Dec 201300:00
openvas
OpenVAS
Ubuntu: Security Advisory (USN-2049-1)
17 Dec 201300:00
openvas
OpenVAS
Ubuntu: Security Advisory (USN-2041-1)
4 Dec 201300:00
openvas
OpenVAS
Ubuntu: Security Advisory (USN-2045-1)
4 Dec 201300:00
openvas
OpenVAS
Ubuntu: Security Advisory (USN-2043-1)
4 Dec 201300:00
openvas
OpenVAS
Ubuntu Update for linux-ti-omap4 USN-2044-1
4 Dec 201300:00
openvas
OpenVAS
Ubuntu Update for linux-lts-quantal USN-2040-1
4 Dec 201300:00
openvas
OpenVAS
Ubuntu: Security Advisory (USN-2044-1)
4 Dec 201300:00
openvas
Rows per page
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2049-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(71260);
  script_version("1.10");
  script_cvs_date("Date: 2019/09/19 12:54:29");

  script_cve_id("CVE-2013-4270", "CVE-2013-4299", "CVE-2013-4343", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470");
  script_bugtraq_id(62360, 62405, 62696, 63183, 63359);
  script_xref(name:"USN", value:"2049-1");

  script_name(english:"Ubuntu 13.10 : linux vulnerabilities (USN-2049-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Miroslav Vadkerti discovered a flaw in how the permissions for network
sysctls are handled in the Linux kernel. An unprivileged local user
could exploit this flaw to have privileged access to files in
/proc/sys/net/. (CVE-2013-4270)

A flaw was discovered in the Linux kernel's dm snapshot facility. A
remote authenticated user could exploit this flaw to obtain sensitive
information or modify/corrupt data. (CVE-2013-4299)

Wannes Rombouts reported a vulnerability in the networking tuntap
interface of the Linux kernel. A local user with the CAP_NET_ADMIN
capability could leverage this flaw to gain full admin privileges.
(CVE-2013-4343)

Alan Chester reported a flaw in the IPv6 Stream Control Transmission
Protocol (SCTP) of the Linux kernel. A remote attacker could exploit
this flaw to obtain sensitive information by sniffing network traffic.
(CVE-2013-4350)

Dmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6
UDP Fragmentation Offload (UFO) processing. A remote attacker could
leverage this flaw to cause a denial of service (system crash).
(CVE-2013-4387)

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP
Fragmenttation Offload (UFO). An unprivileged local user could exploit
this flaw to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2013-4470).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/2049-1/"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Update the affected linux-image-3.11-generic and / or
linux-image-3.11-generic-lpae packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:13.10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/09/25");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/12/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/12/09");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(13\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 13.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2013-4270", "CVE-2013-4299", "CVE-2013-4343", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-2049-1");
  }
  else
  {
    _ubuntu_report = ksplice_reporting_text();
  }
}

flag = 0;

if (ubuntu_check(osver:"13.10", pkgname:"linux-image-3.11.0-14-generic", pkgver:"3.11.0-14.21")) flag++;
if (ubuntu_check(osver:"13.10", pkgname:"linux-image-3.11.0-14-generic-lpae", pkgver:"3.11.0-14.21")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.11-generic / linux-image-3.11-generic-lpae");
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
09 Dec 2013 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS26.9
EPSS0.029
37
.json
Report