Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2022 Greenbone AGOPENVAS:13614125623111220098071
HistoryAug 26, 2022 - 12:00 a.m.

Ubuntu: Security Advisory (USN-807-1)

2022-08-2600:00:00
Copyright (C) 2022 Greenbone AG
plugins.openvas.org
3

6.4 Medium

AI Score

Confidence

High

0.104 Low

EPSS

Percentile

95.0%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.12.2009.807.1");
  script_cve_id("CVE-2009-1389", "CVE-2009-1895", "CVE-2009-2287", "CVE-2009-2406", "CVE-2009-2407");
  script_tag(name:"creation_date", value:"2022-08-26 07:43:23 +0000 (Fri, 26 Aug 2022)");
  script_version("2024-02-02T05:06:10+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:10 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");

  script_name("Ubuntu: Security Advisory (USN-807-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2022 Greenbone AG");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(6\.06\ LTS|8\.04\ LTS|8\.10|9\.04)");

  script_xref(name:"Advisory-ID", value:"USN-807-1");
  script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-807-1");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'linux, linux-source-2.6.15' package(s) announced via the USN-807-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"Michael Tokarev discovered that the RTL8169 network driver did not
correctly validate buffer sizes. A remote attacker on the local network
could send specially crafted traffic that would crash the system or
potentially grant elevated privileges. (CVE-2009-1389)

Julien Tinnes and Tavis Ormandy discovered that when executing setuid
processes the kernel did not clear certain personality flags. A local
attacker could exploit this to map the NULL memory page, causing other
vulnerabilities to become exploitable. Ubuntu 6.06 was not affected.
(CVE-2009-1895)

Matt T. Yourst discovered that KVM did not correctly validate the
page table root. A local attacker could exploit this to crash the
system, leading to a denial of service. Ubuntu 6.06 was not affected.
(CVE-2009-2287)

Ramon de Carvalho Valle discovered that eCryptfs did not correctly
validate certain buffer sizes. A local attacker could create specially
crafted eCryptfs files to crash the system or gain elevated privileges.
Ubuntu 6.06 was not affected. (CVE-2009-2406, CVE-2009-2407)");

  script_tag(name:"affected", value:"'linux, linux-source-2.6.15' package(s) on Ubuntu 6.06, Ubuntu 8.04, Ubuntu 8.10, Ubuntu 9.04.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "UBUNTU6.06 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-386", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-686", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-amd64-generic", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-amd64-k8", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-amd64-server", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-amd64-xeon", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-hppa32", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-hppa32-smp", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-hppa64", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-hppa64-smp", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-itanium", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-itanium-smp", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-k7", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-mckinley", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-mckinley-smp", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-powerpc", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-powerpc-smp", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-powerpc64-smp", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-server", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-server-bigiron", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-sparc64", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.15-54-sparc64-smp", ver:"2.6.15-54.78", rls:"UBUNTU6.06 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU8.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-386", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-generic", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-hppa32", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-hppa64", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-itanium", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-lpia", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-lpiacompat", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-mckinley", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-openvz", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-powerpc", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-powerpc-smp", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-powerpc64-smp", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-rt", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-server", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-sparc64", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-sparc64-smp", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-virtual", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.24-24-xen", ver:"2.6.24-24.57", rls:"UBUNTU8.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU8.10") {

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.27-14-generic", ver:"2.6.27-14.37", rls:"UBUNTU8.10"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.27-14-server", ver:"2.6.27-14.37", rls:"UBUNTU8.10"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.27-14-virtual", ver:"2.6.27-14.37", rls:"UBUNTU8.10"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU9.04") {

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-generic", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-imx51", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-iop32x", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-ixp4xx", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-lpia", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-server", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-versatile", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.28-14-virtual", ver:"2.6.28-14.47", rls:"UBUNTU9.04"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

ubuntu 1
nessus 40
openvas 82
debian 4
osv 3
fedora 13
securityvulns 6
oraclelinux 4
redhat 8
centos 3
suse 3
prion 6
cvelist 6
ubuntucve 6
cve 6
veracode 4
seebug 3
f5 1
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-07-28 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-807-1)
2009-07-29 00:00:00
Debian DSA-1845-1 : linux-2.6 - denial of service, privilege escalation
2010-02-24 00:00:00
openSUSE Security Update : kernel (kernel-1214)
2009-08-27 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1845-1)
2009-08-17 00:00:00
Debian Security Advisory DSA 1845-1 (linux-2.6)
2009-08-17 00:00:00
Fedora Core 11 FEDORA-2009-8144 (kernel)
2009-08-17 00:00:00
debian
debian
[SECURITY] [DSA 1845-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-07-29 05:05:00
[SECURITY] [DSA 1844-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-07-29 04:59:29
[SECURITY] [DSA 1846-1] New kvm packages fix denial of service
2009-07-29 05:33:10
osv
osv
linux-2.6 - several vulnerabilities
2009-07-28 00:00:00
linux-2.6.24 - several vulnerabilities
2009-07-28 00:00:00
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2009-08-16 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: kernel-2.6.29.6-217.2.3.fc11
2009-08-05 00:35:52
[SECURITY] Fedora 11 Update: kernel-2.6.29.6-217.2.7.fc11
2009-08-15 21:45:53
[SECURITY] Fedora 10 Update: kernel-2.6.27.29-170.2.78.fc10
2009-08-05 00:30:27
securityvulns
securityvulns
Linux eCryptfs buffer overflow
2009-07-29 00:00:00
Linux kernel DoS
2009-07-29 00:00:00
rPSA-2009-0111-1 kernel
2009-07-27 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2009-08-04 00:00:00
kernel security and bug fix update
2009-08-13 00:00:00
kernel security and bug fix update
2009-09-15 00:00:00
redhat
redhat
(RHSA-2009:1193) Important: kernel security and bug fix update
2009-08-04 00:00:00
(RHSA-2009:1211) Important: kernel security and bug fix update
2009-08-13 00:00:00
(RHSA-2009:1469) Important: kernel security update
2009-09-30 00:00:00
centos
centos
kernel security update
2009-08-05 16:23:13
kernel security update
2009-09-16 03:38:30
kernel security update
2009-11-04 00:55:32
suse
suse
local privilege escalation in kernel
2009-08-20 16:02:11
remote denial of service in kernel
2009-07-23 18:24:28
remote denial of service in kernel
2010-07-20 16:48:50
prion
prion
Stack overflow
2009-07-31 19:00:00
Buffer overflow
2009-06-16 23:30:00
Null pointer dereference
2009-07-01 13:00:00
cvelist
cvelist
CVE-2009-2406
2009-07-31 18:29:00
CVE-2009-1895
2009-07-16 15:00:00
CVE-2009-2287
2009-07-01 12:26:00
ubuntucve
ubuntucve
CVE-2009-2406
2009-07-31 00:00:00
CVE-2009-1895
2009-07-16 00:00:00
CVE-2009-2407
2009-07-31 00:00:00
cve
cve
CVE-2009-1895
2009-07-16 15:30:00
CVE-2009-2406
2009-07-31 19:00:00
CVE-2009-2407
2009-07-31 19:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:35:23
Denial Of Service (DoS)
2020-04-10 00:35:22
Privilege Escalation
2020-04-10 00:35:25
seebug
seebug
Linux Kernel PER_CLEAR_ON_SETID personality bypass
2009-09-18 00:00:00
Linux Kernel kvm_arch_vcpu_ioctl_set_sregs()函数本地拒绝服务漏洞
2009-07-09 00:00:00
Linux Kernel RTL8169 NIC远程拒绝服务漏洞
2009-06-13 00:00:00
f5
f5
K16479 : Linux kernel vulnerability CVE-2009-4537
2015-07-23 00:00:00

6.4 Medium

AI Score

Confidence

High

0.104 Low

EPSS

Percentile

95.0%

JSON
Related for OPENVAS:13614125623111220098071
ubuntu1nessus40openvas82debian4osv3fedora13securityvulns6oraclelinux4redhat8centos3suse3prion6cvelist6ubuntucve6cve6veracode4seebug3f51