7.6 High
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.889 High
EPSS
Percentile
98.7%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2008 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.57407");
script_cve_id("CVE-2005-4798", "CVE-2006-1528", "CVE-2006-2444", "CVE-2006-2446", "CVE-2006-2935", "CVE-2006-3745", "CVE-2006-4535");
script_tag(name:"creation_date", value:"2008-01-17 22:13:11 +0000 (Thu, 17 Jan 2008)");
script_version("2024-02-01T14:37:10+0000");
script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_name("Debian: Security Advisory (DSA-1183-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB3\.1");
script_xref(name:"Advisory-ID", value:"DSA-1183-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2006/DSA-1183-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-1183");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'fai-kernels, kernel-source-2.4.27, systemimager' package(s) announced via the DSA-1183-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2005-4798
A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service.
CVE-2006-2935
Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD USB storage device to execute arbitrary code.
CVE-2006-1528
A bug in the SCSI driver allows a local user to cause a denial of service.
CVE-2006-2444
Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service.
CVE-2006-2446
A race condition in the socket buffer handling allows remote attackers to cause a denial of service.
CVE-2006-3745
Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges.
CVE-2006-4535
David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system via an SCTP socket with a certain SO_LINGER value.
The following matrix explains which kernel version for which architecture fixes the problem mentioned above:
stable (sarge)
Source
2.4.27-10sarge4
Alpha architecture
2.4.27-10sarge4
ARM architecture
2.4.27-2sarge4
Intel IA-32 architecture
2.4.27-10sarge4
Intel IA-64 architecture
2.4.27-10sarge4
Motorola 680x0 architecture
2.4.27-3sarge4
MIPS architectures
2.4.27-10.sarge4.040815-1
PowerPC architecture
2.4.27-10sarge4
IBM S/390
2.4.27-2sarge4
Sun Sparc architecture
2.4.27-9sarge4
FAI
1.9.1sarge4
mindi-kernel
2.4.27-2sarge3
kernel-image-speakup-i386
2.4.27-1.1sarge3
systemimager
3.2.3-6sarge3
For the unstable distribution (sid) these problems won't be fixed anymore in the 2.4 kernel series.
We recommend that you upgrade your kernel package and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.");
script_tag(name:"affected", value:"'fai-kernels, kernel-source-2.4.27, systemimager' package(s) on Debian 3.1.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB3.1") {
if(!isnull(res = isdpkgvuln(pkg:"fai-kernels", ver:"1.9.1sarge4", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"kernel-doc-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"kernel-patch-debian-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"kernel-source-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"kernel-tree-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"systemimager-boot-i386-standard", ver:"3.2.3-6sarge3", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"systemimager-boot-ia64-standard", ver:"3.2.3-6sarge3", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"systemimager-client", ver:"3.2.3-6sarge3", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"systemimager-common", ver:"3.2.3-6sarge3", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"systemimager-doc", ver:"3.2.3-6sarge3", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"systemimager-server", ver:"3.2.3-6sarge3", rls:"DEB3.1"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"systemimager-server-flamethrowerd", ver:"3.2.3-6sarge3", rls:"DEB3.1"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);