Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-751-1.NASL
HistoryApr 23, 2009 - 12:00 a.m.

Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)

2009-04-2300:00:00
Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
35
JSON

NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected.
(CVE-2008-4307)

Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. Ubuntu 8.10 was not affected. (CVE-2008-6107)

In certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028)

The kernel keyring did not free memory correctly. A local attacker could consume unlimited kernel memory, leading to a denial of service.
(CVE-2009-0031)

The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065)

The eCryptfs filesystem did not correctly handle certain VFS return codes. A local attacker with write-access to an eCryptfs filesystem could cause a system crash, leading to a denial of service.
(CVE-2009-0269)

The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322)

The page fault handler could consume stack memory. A local attacker could exploit this to crash the system or gain root privileges with a Kprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605)

Network interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675)

The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676)

The ext4 filesystem did not correctly clear group descriptors when resizing. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-0745)

The ext4 filesystem did not correctly validate certain fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747, CVE-2009-0748)

The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835)

The shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859)

The virtual consoles did not correctly handle certain UTF-8 sequences.
A local attacker on the physical console could exploit this to cause a system crash, leading to a denial of service. (CVE-2009-1046).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-751-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(37337);
  script_version("1.20");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0605", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046");
  script_bugtraq_id(33113, 33672, 33846, 33948, 33951, 34020);
  script_xref(name:"USN", value:"751-1");

  script_name(english:"Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"NFS did not correctly handle races between fcntl and interrupts. A
local attacker on an NFS mount could consume unlimited kernel memory,
leading to a denial of service. Ubuntu 8.10 was not affected.
(CVE-2008-4307)

Sparc syscalls did not correctly check mmap regions. A local attacker
could cause a system panic, leading to a denial of service. Ubuntu
8.10 was not affected. (CVE-2008-6107)

In certain situations, cloned processes were able to send signals to
parent processes, crossing privilege boundaries. A local attacker
could send arbitrary signals to parent processes, leading to a denial
of service. (CVE-2009-0028)

The kernel keyring did not free memory correctly. A local attacker
could consume unlimited kernel memory, leading to a denial of service.
(CVE-2009-0031)

The SCTP stack did not correctly validate FORWARD-TSN packets. A
remote attacker could send specially crafted SCTP traffic causing a
system crash, leading to a denial of service. (CVE-2009-0065)

The eCryptfs filesystem did not correctly handle certain VFS return
codes. A local attacker with write-access to an eCryptfs filesystem
could cause a system crash, leading to a denial of service.
(CVE-2009-0269)

The Dell platform device did not correctly validate user parameters. A
local attacker could perform specially crafted reads to crash the
system, leading to a denial of service. (CVE-2009-0322)

The page fault handler could consume stack memory. A local attacker
could exploit this to crash the system or gain root privileges with a
Kprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605)

Network interfaces statistics for the SysKonnect FDDI driver did not
check capabilities. A local user could reset statistics, potentially
interfering with packet accounting systems. (CVE-2009-0675)

The getsockopt function did not correctly clear certain parameters. A
local attacker could read leaked kernel memory, leading to a loss of
privacy. (CVE-2009-0676)

The ext4 filesystem did not correctly clear group descriptors when
resizing. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2009-0745)

The ext4 filesystem did not correctly validate certain fields. A local
attacker could mount a malicious ext4 filesystem, causing a system
crash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747,
CVE-2009-0748)

The syscall interface did not correctly validate parameters when
crossing the 64-bit/32-bit boundary. A local attacker could bypass
certain syscall restricts via crafted syscalls. (CVE-2009-0834,
CVE-2009-0835)

The shared memory subsystem did not correctly handle certain shmctl
calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not
vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859)

The virtual consoles did not correctly handle certain UTF-8 sequences.
A local attacker on the physical console could exploit this to cause a
system crash, leading to a denial of service. (CVE-2009-1046).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/751-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(20, 119, 189, 264, 362, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/01/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/04/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(7\.10|8\.04|8\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 7.10 / 8.04 / 8.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0605", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-751-1");
  }
  else
  {
    _ubuntu_report = ksplice_reporting_text();
  }
}

flag = 0;

if (ubuntu_check(osver:"7.10", pkgname:"linux-doc-2.6.22", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-386", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-generic", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-rt", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-server", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-ume", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-virtual", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-xen", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-386", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-cell", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-generic", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-lpia", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-lpiacompat", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-rt", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-server", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-ume", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-virtual", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-xen", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-386", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-generic", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-server", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-virtual", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-kernel-devel", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-libc-dev", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"7.10", pkgname:"linux-source-2.6.22", pkgver:"2.6.22-16.62")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-doc-2.6.24", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-386", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-generic", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-openvz", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-rt", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-server", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-virtual", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-xen", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-386", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-generic", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-lpia", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-lpiacompat", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-openvz", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-rt", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-server", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-virtual", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-xen", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-386", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-generic", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-server", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-virtual", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-kernel-devel", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-libc-dev", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"linux-source-2.6.24", pkgver:"2.6.24-23.52")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-doc-2.6.27", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-headers-2.6.27-11", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-headers-2.6.27-11-generic", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-headers-2.6.27-11-server", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-image-2.6.27-11-generic", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-image-2.6.27-11-server", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-image-2.6.27-11-virtual", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-libc-dev", pkgver:"2.6.27-11.31")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"linux-source-2.6.27", pkgver:"2.6.27-11.31")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-doc-2.6.22 / linux-doc-2.6.24 / linux-doc-2.6.27 / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxlinux-doc-2.6.22p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22
canonicalubuntu_linuxlinux-doc-2.6.24p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24
canonicalubuntu_linuxlinux-doc-2.6.27p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27
canonicalubuntu_linuxlinux-headers-2.6p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6
canonicalubuntu_linuxlinux-headers-2.6-386p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386
canonicalubuntu_linuxlinux-headers-2.6-genericp-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic
canonicalubuntu_linuxlinux-headers-2.6-openvzp-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz
canonicalubuntu_linuxlinux-headers-2.6-rtp-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt
canonicalubuntu_linuxlinux-headers-2.6-serverp-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server
canonicalubuntu_linuxlinux-headers-2.6-umep-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume
Rows per page:
1-10 of 351

References

Related

ubuntu 2
nessus 36
openvas 69
osv 4
debian 4
redhat 7
suse 7
oraclelinux 6
centos 5
securityvulns 4
f5 4
ubuntucve 9
veracode 9
seebug 11
prion 10
cve 10
exploitpack 1
checkpoint_advisories 1
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-04-06 00:00:00
Linux kernel vulnerabilities
2009-04-07 00:00:00
nessus
nessus
Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)
2009-04-23 00:00:00
Debian DSA-1749-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak
2009-03-23 00:00:00
CentOS 4 : kernel (CESA-2009:0459)
2009-05-26 00:00:00
openvas
openvas
Ubuntu USN-752-1 (linux-source-2.6.15)
2009-04-15 00:00:00
Debian Security Advisory DSA 1749-1 (linux-2.6)
2009-03-31 00:00:00
Debian Security Advisory DSA 1749-1 (linux-2.6)
2009-03-31 00:00:00
osv
osv
linux-2.6 - several vulnerabilities
2009-03-20 00:00:00
linux-2.6.24 - several vulnerabilities
2009-05-02 00:00:00
linux-2.6 - multiple vulnerabilities
2009-05-06 00:00:00
debian
debian
[SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-03-20 20:55:47
[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-05-02 18:33:03
[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-05-06 23:23:13
redhat
redhat
(RHSA-2009:0360) Important: kernel-rt security and bug fix update
2009-03-26 00:00:00
(RHSA-2009:0451) Important: kernel-rt security and bug fix update
2009-04-29 00:00:00
(RHSA-2009:0459) Important: kernel security and bug fix update
2009-04-30 00:00:00
suse
suse
remote denial of service in kernel
2009-04-03 13:04:01
remote denial of service in kernel
2009-04-03 14:20:16
remote code execution in kernel
2009-06-09 09:26:36
oraclelinux
oraclelinux
kernel security and bug fix update
2009-05-01 00:00:00
Oracle Enterprise Linux 4.8 kernel security and bug fix update
2009-05-26 00:00:00
kernel security and bug fix update
2009-04-01 00:00:00
centos
centos
kernel security update
2009-05-01 10:39:17
kernel security update
2009-04-01 23:53:03
kernel security update
2009-09-15 18:17:47
securityvulns
securityvulns
[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-05-04 00:00:00
Linux kernel multiple security vulnerabilities
2009-03-12 00:00:00
[ MDVSA-2009:071 ] kernel
2009-03-12 00:00:00
f5
f5
K16351 : Multiple Linux kernel vulnerabilities CVE-2009-0834, CVE-2009-0835, and CVE-2009-0859
2015-04-02 00:00:00
SOL16351 - Multiple Linux kernel vulnerabilities CVE-2009-0834, CVE-2009-0835, and CVE-2009-0859
2015-04-02 00:00:00
K16349 : Linux kernel vulnerability CVE-2009-0676
2015-04-01 00:00:00
ubuntucve
ubuntucve
CVE-2008-4307
2009-01-13 00:00:00
CVE-2009-0675
2009-02-22 00:00:00
CVE-2009-0676
2009-02-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:31:48
Denial Of Service (DoS)
2020-04-10 00:30:22
Denial Of Service (DoS)
2020-04-10 00:37:50
seebug
seebug
Linux Kernel SysKonnect FDDI驱动非授权重置统计漏洞
2009-02-23 00:00:00
Linux Kernel locks_remove_flock()本地竞争条件漏洞
2009-01-15 00:00:00
Linux Kernel &lt;= 2.6.28.3 set_selection() UTF-8 Off By One Local Exploit
2009-07-10 00:00:00
prion
prion
Code injection
2009-02-22 22:30:00
Server side request forgery (ssrf)
2009-02-22 22:30:00
Race condition
2009-01-13 17:00:00
cve
cve
CVE-2009-0675
2009-02-22 22:30:00
CVE-2009-0322
2009-01-28 18:30:00
CVE-2008-4307
2009-01-13 17:00:00
exploitpack
exploitpack
Linux Kernel 2.6.24_16-232.6.27_7-102.6.28.3 (Ubuntu 8.048.10 Fedora Core 10 x86-64) - set_selection() UTF-8 Off-by-One Privilege Escalation
2009-07-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Linux Kernel SCTP FWD-TSN Handling Buffer Overflow (CVE-2009-0065)
2010-03-02 00:00:00
JSON
Related for UBUNTU_USN-751-1.NASL
ubuntu2nessus36openvas69osv4debian4redhat7suse7oraclelinux6centos5securityvulns4f54ubuntucve9veracode9seebug11prion10cve10exploitpack1checkpoint_advisories1