Lucene search
Copyright (C) 2015 Greenbone Networks GmbHOPENVAS:1361412562310123968HistoryOct 06, 2015 - 12:00 a.m.
Oracle: Security Advisory (ELSA-2012-0150)
2015-10-0600:00:00
Copyright (C) 2015 Greenbone Networks GmbH
plugins.openvas.org
27
7.2 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
The remote host is missing an update for the
# Copyright (C) 2015 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.123968");
script_cve_id("CVE-2011-1083");
script_tag(name:"creation_date", value:"2015-10-06 11:10:58 +0000 (Tue, 06 Oct 2015)");
script_version("2022-04-05T08:49:18+0000");
script_tag(name:"last_modification", value:"2022-04-05 08:49:18 +0000 (Tue, 05 Apr 2022)");
script_tag(name:"cvss_base", value:"4.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_name("Oracle: Security Advisory (ELSA-2012-0150)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2015 Greenbone Networks GmbH");
script_family("Oracle Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/oracle_linux", "ssh/login/release", re:"ssh/login/release=OracleLinux5");
script_xref(name:"Advisory-ID", value:"ELSA-2012-0150");
script_xref(name:"URL", value:"https://linux.oracle.com/errata/ELSA-2012-0150.html");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel, ocfs2-2.6.18-308.el5, oracleasm-2.6.18-308.el5' package(s) announced via the ELSA-2012-0150 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"kernel
[2.6.18-308.el5]
- [scsi] lpfc: Update lpfc version for 8.2.0.108.4p driver release (Rob Evers) [784073]
- [scsi] lpfc: Fix FCP EQ memory check init w/single int vector (Rob Evers) [784073]
[2.6.18-307.el5]
- [s390] crypto: Reset sha2 index after processing partial block (David Howells) [677860]
- Revert: [fs] xfs: implement ->dirty_inode to fix timestamp (Eric Sandeen) [653215]
[2.6.18-306.el5]
- [s390] pfault: ignore leftover completion interrupts (Jarod Wilson) [753194]
- [cpufreq] powernow-k8: Fix indexing issue (Frank Arnold) [782773]
- [scsi] device_handler: optimize transition retries (Rob Evers) [733635]
- [net] qlge: fix size of external list for TX address descriptors (Chad Dupuis) [772696]
- [net] igmp: Avoid zero delay when rx'ing odd mix of IGMP queries (Jiri Pirko) [772869]
- [net] be2net: create RSS rings even in multi-channel configs (Ivan Vecera) [773114]
- [net] ipv6: track device renames in snmp6 (Andy Gospodarek) [758923]
- [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [783284] {CVE-2011-4086}
- [fs] epoll: workarounds to preserve kernel ABI (Jason Baron) [681692] {CVE-2011-1083}
- [fs] epoll: limit paths (Jason Baron) [681692] {CVE-2011-1083}
- [fs] epoll: prevent creating circular epoll structures (Jason Baron) [681692] {CVE-2011-1083}
- [fs] epoll: add ep_call_nested() (Jason Baron) [681692] {CVE-2011-1083}
- [fs] gfs2: additional fix for inode allocation error path (Robert S Peterson) [767377]
- [fs] gfs2: Revert clean up fsync changes (Robert S Peterson) [767377]
- [fs] ext4: ignore EXT4_INODE_JOURNAL_DATA flag with delalloc (Lukas Czerner) [769386]
- [mm] filemap: Make write(2) interruptible by a fatal signal (Lukas Czerner) [740898]
- [mm] Make task in balance_dirty_pages killable (Lukas Czerner) [740898]
- [fs] ext4: fix the deadlock in mpage_da_map_and_submit (Lukas Czerner) [740898]
- [fs] ext4: fix deadlock in ext4_ordered_write_end (Lukas Czerner) [740898]
- [fs] ext4: mark multi-page IO complete on mapping failure (Lukas Czerner) [740898]
- [fs] ext4: make invalidate pages handle page range properly (Lukas Czerner) [740898]
- [fs] ext4: call mpage_da_submit_io from mpage_da_map_blocks (Lukas Czerner) [740898]
- [fs] nfsd: Avoid excess stack usage in svc_tcp_recvfrom (J. Bruce Fields) [765751]
- [fs] nfsd: Replace two page lists in struct svc_rqst with one (J. Bruce Fields) [765751]
[2.6.18-305.el5]
- [edac] i5000: don't crash before showing the edac error (Mauro Carvalho Chehab) [713034]
- [Documentation] Add pci=noseg to kernel-parameters.txt (Prarit Bhargava) [743168]
- [net] ipv6: fix tcp_v6_conn_request (Jiri Benc) [714670]
- [redhat] update RHEL_MINOR to 8 for 5.8 release (Jarod Wilson) [773033]
- [misc] Move exit_robust_list to mm_release, null lists on cleanup (Laszlo Ersek) [750283] {CVE-2012-0028}
- [fs] nfs: Fix an O_DIRECT Oops (Jeff Layton) [754620] {CVE-2011-4325}
- [xen] x86: fix a ... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'kernel, ocfs2-2.6.18-308.el5, oracleasm-2.6.18-308.el5' package(s) on Oracle Linux 5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "OracleLinux5") {
if(!isnull(res = isrpmvuln(pkg:"kernel", rpm:"kernel~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-PAE", rpm:"kernel-PAE~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-PAE-devel", rpm:"kernel-PAE-devel~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-debug-devel", rpm:"kernel-debug-devel~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-devel", rpm:"kernel-devel~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-headers", rpm:"kernel-headers~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-xen-devel", rpm:"kernel-xen-devel~2.6.18~308.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ocfs2-2.6.18-308.el5", rpm:"ocfs2-2.6.18-308.el5~1.4.9~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ocfs2-2.6.18-308.el5PAE", rpm:"ocfs2-2.6.18-308.el5PAE~1.4.9~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ocfs2-2.6.18-308.el5debug", rpm:"ocfs2-2.6.18-308.el5debug~1.4.9~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"ocfs2-2.6.18-308.el5xen", rpm:"ocfs2-2.6.18-308.el5xen~1.4.9~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"oracleasm-2.6.18-308.el5", rpm:"oracleasm-2.6.18-308.el5~2.0.5~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"oracleasm-2.6.18-308.el5PAE", rpm:"oracleasm-2.6.18-308.el5PAE~2.0.5~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"oracleasm-2.6.18-308.el5debug", rpm:"oracleasm-2.6.18-308.el5debug~2.0.5~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"oracleasm-2.6.18-308.el5xen", rpm:"oracleasm-2.6.18-308.el5xen~2.0.5~1.el5", rls:"OracleLinux5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
prion
prion
Null pointer dereference
2012-01-27 15:55:00
Design/Logic Flaw
2012-07-03 16:40:00
Design/Logic Flaw
2012-06-21 23:55:00
cve
cve
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:08:10
Denial Of Service (DoS)
2019-01-15 08:51:18
Privilege Escalation
2020-04-10 01:07:38
ubuntucve
ubuntucve
amazon
amazon
nessus
nessus
Fedora 16 : kernel-3.2.5-3.fc16 (2012-1497)
2012-02-13 00:00:00
Amazon Linux AMI : kernel (ALAS-2012-45)
2013-09-04 00:00:00
Ubuntu 8.04 LTS : linux vulnerability (USN-1454-1)
2012-05-29 00:00:00
openvas
openvas
Ubuntu Update for linux USN-1454-1
2012-05-28 00:00:00
CentOS Update for kernel CESA-2012:0107 centos5
2012-07-30 00:00:00
Oracle: Security Advisory (ELSA-2012-2014)
2015-10-06 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2012-05-25 00:00:00
Linux kernel vulnerabilities
2012-05-18 00:00:00
Linux kernel (EC2) vulnerabilities
2012-05-25 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2012-05-16 00:00:00
kernel security and bug fix update
2012-02-09 00:00:00
1
2012-03-01 00:00:00
centos
centos
kernel security update
2012-02-09 21:30:36
kernel, perf, python security update
2012-05-16 09:19:09
kernel, perf, python security update
2012-07-10 17:23:49
redhat
redhat
(RHSA-2012:0107) Important: kernel security and bug fix update
2012-02-09 00:00:00
(RHSA-2012:0150) Moderate: Red Hat Enterprise Linux 5.8 kernel update
2012-02-21 00:00:00
(RHSA-2012:0571) Moderate: kernel security and bug fix update
2012-05-15 00:00:00
cvelist
cvelist
seebug
seebug
Linux kernel 2.6.x βexec()βζ¬ε°ζη»ζε‘ζΌζ΄
2012-02-14 00:00:00
Linux kernel 2.6.x 'exec()'ζ¬ε°ζη»ζε‘ζΌζ΄
2012-04-07 00:00:00
Linux Kernel epoll Subsystem βeventpoll.cβε€δΈͺζ¬ε°ζη»ζε‘ζΌζ΄
2012-02-22 00:00:00
debiancve
debiancve
CVE-2012-3375
2012-10-03 11:02:00
suse
suse
Security update for Linux kernel (important)
2012-05-14 16:08:28
Security update for Linux kernel (important)
2012-04-23 22:08:26
kernel update for SLE11 SP2 (important)
2012-04-26 20:08:43
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2012-03-10 00:00:00
[USN-1390-1] Linux kernel vulnerabilities
2012-03-10 00:00:00
[SECURITY] [DSA 2469-1] linux-2.6 security update
2012-05-14 00:00:00
debian
debian
[SECURITY] [DSA 2469-1] linux-2.6 security update
2012-05-10 15:56:44
osv
osv
linux-2.6 - several
2012-05-10 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: kernel-2.6.42.3-2.fc15
2012-02-11 22:03:03
[SECURITY] Fedora 15 Update: kernel-2.6.42.9-1.fc15
2012-03-06 19:39:27
[SECURITY] Fedora 15 Update: kernel-2.6.42.9-2.fc15
2012-03-15 02:31:47
7.2 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Related for OPENVAS:1361412562310123968