Search...

Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1))

2008-02-28T00:00:00

ID OPENVAS:60438
Type openvas
Reporter Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
Modified 2017-07-07T00:00:00

Description

The remote host is missing an update to kernel-source-2.6.8 (2.6.8-17sarge1) announced via advisory DSA 1504-1.

                                        
                                            # OpenVAS Vulnerability Test
# $Id: deb_1504_1.nasl 6616 2017-07-07 12:10:49Z cfischer $
# Description: Auto-generated from advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1))
#
# Authors:
# Thomas Reinke &lt;reinke@securityspace.com&gt;
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. For details, please visit the referenced security advisories.

The following matrix lists additional packages that were rebuilt for
compatibility with or to take advantage of this update:

Debian 3.1 (sarge)
kernel-image-2.6.8-alpha    2.6.8-17sarge1
kernel-image-2.6.8-amd64    2.6.8-17sarge1
kernel-image-2.6.8-hppa     2.6.8-7sarge1
kernel-image-2.6.8-i386     2.6.8-17sarge1
kernel-image-2.6.8-ia64     2.6.8-15sarge1
kernel-image-2.6.8-m68k     2.6.8-5sarge1
kernel-image-2.6.8-s390     2.6.8-6sarge1
kernel-image-2.6.8-sparc    2.6.8-16sarge1
kernel-patch-powerpc-2.6.8  2.6.8-13sarge1
fai-kernels                 1.9.1sarge8

We recommend that you upgrade your kernel package immediately and reboot";
tag_summary = "The remote host is missing an update to kernel-source-2.6.8 (2.6.8-17sarge1)
announced via advisory DSA 1504-1.";

tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201504-1";


if(description)
{
 script_id(60438);
 script_version("$Revision: 6616 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $");
 script_tag(name:"creation_date", value:"2008-02-28 02:09:28 +0100 (Thu, 28 Feb 2008)");
 script_cve_id("CVE-2006-5823", "CVE-2006-6054", "CVE-2006-6058", "CVE-2006-7203", "CVE-2007-1353", "CVE-2007-2172", "CVE-2007-2525", "CVE-2007-3105", "CVE-2007-3739", "CVE-2007-3740", "CVE-2007-3848", "CVE-2007-4133", "CVE-2007-4308", "CVE-2007-4573", "CVE-2007-5093", "CVE-2007-6063", "CVE-2007-6151", "CVE-2007-6206", "CVE-2007-6694", "CVE-2008-0007");
 script_tag(name:"cvss_base", value:"7.8");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
 script_name("Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1))");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com");
 script_family("Debian Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-deb.inc");

res = "";
report = "";
if ((res = isdpkgvuln(pkg:"kernel-source-2.6.8", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-patch-2.6.8-s390", ver:"2.6.8-6sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-tree-2.6.8", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-doc-2.6.8", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-patch-debian-2.6.8", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-generic", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-generic", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-13-em64t-p4-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-13-em64t-p4", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-13-amd64-generic", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-13-amd64-generic", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-13-amd64-k8-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-13-em64t-p4-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-13-amd64-k8", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-13", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-13-amd64-k8-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-13-amd64-k8", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-13-em64t-p4", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-64", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-64-smp", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-64-smp", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-32-smp", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-32-smp", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-32", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-32", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-64", ver:"2.6.8-7sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-k7-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-386", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-686", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-686-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-k7-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-386", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-k7", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-686-smp", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-686", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"fai-kernels", ver:"1.9.1sarge8", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-k7", ver:"2.6.8-17sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-itanium", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-itanium-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6-mckinley-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6-mckinley", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6-mckinley", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6-mckinley-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6-itanium", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-itanium", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-mckinley", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6-itanium-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-mckinley", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-mckinley-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-itanium-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6-itanium", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-mckinley-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6-itanium-smp", ver:"2.6.8-15sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-sun3", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-mvme16x", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-q40", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-amiga", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-hp", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-mac", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-mvme147", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-bvme6000", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-atari", ver:"2.6.8-5sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-power3-smp", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-power3", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-powerpc-smp", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-power4-smp", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-build-2.6.8-4-power3", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-build-2.6.8-4-powerpc", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-build-2.6.8-4-power4-smp", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-powerpc", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-build-2.6.8-4-power4", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-build-2.6.8-4-powerpc-smp", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-build-2.6.8-4-power3-smp", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-power4", ver:"2.6.8-13sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-s390x", ver:"2.6.8-6sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-s390", ver:"2.6.8-6sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-s390-tape", ver:"2.6.8-6sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-sparc64-smp", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-sparc32", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-image-2.6.8-4-sparc64", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-sparc32", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-sparc64-smp", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-build-2.6.8-4", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kernel-headers-2.6.8-4-sparc64", ver:"2.6.8-16sarge1", rls:"DEB3.1")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:60438", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1))", "description": "The remote host is missing an update to kernel-source-2.6.8 (2.6.8-17sarge1)\nannounced via advisory DSA 1504-1.", "published": "2008-02-28T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=60438", "reporter": "Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2007-4573", "CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-1353", "CVE-2006-7203", "CVE-2007-4133", "CVE-2007-3105", "CVE-2007-6151", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2007-3740", "CVE-2006-5823", "CVE-2007-6694", "CVE-2006-6058", "CVE-2007-2525", "CVE-2007-6063"], "lastseen": "2017-07-24T12:50:16", "viewCount": 0, "enchantments": {"score": {"value": 8.3, "vector": "NONE", "modified": "2017-07-24T12:50:16", "rev": 2}, "dependencies": {"references": [{"type": "nessus", "idList": ["DEBIAN_DSA-1504.NASL", "SL_20071203_KERNEL_ON_SL3.NASL", "UBUNTU_USN-578-1.NASL", "CENTOS_RHSA-2007-1049.NASL", "ORACLELINUX_ELSA-2007-1049.NASL", "MANDRAKE_MDKSA-2007-195.NASL", "ORACLELINUX_ELSA-2007-0939.NASL", "REDHAT-RHSA-2009-0001.NASL", "DEBIAN_DSA-1503.NASL", "REDHAT-RHSA-2007-1049.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1503-2:1BB11", "DEBIAN:DSA-1503-1:0C4D4", "DEBIAN:DSA-1381-2:956ED", "DEBIAN:DSA-1504-1:18A93", "DEBIAN:DSA-1381-1:B1830"]}, {"type": "openvas", "idList": ["OPENVAS:870197", "OPENVAS:60437", "OPENVAS:60498", "OPENVAS:63132", "OPENVAS:1361412562310880320", "OPENVAS:1361412562310880316", "OPENVAS:63344", "OPENVAS:880320", "OPENVAS:880316", "OPENVAS:1361412562310870197"]}, {"type": "cve", "idList": ["CVE-2006-7203", "CVE-2006-5823", "CVE-2007-4133", "CVE-2007-6206", "CVE-2007-4573", "CVE-2006-6054", "CVE-2007-6694", "CVE-2006-6058", "CVE-2007-6151", "CVE-2007-6063"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:18111", "SECURITYVULNS:VULN:8563", "SECURITYVULNS:DOC:18851"]}, {"type": "oraclelinux", "idList": ["ELSA-2007-0376", "ELSA-2007-1049", "ELSA-2007-0937", "ELSA-2007-0939"]}, {"type": "centos", "idList": ["CESA-2007:1049", "CESA-2009:0001-01", "CESA-2007:0376", "CESA-2007:0939"]}, {"type": "redhat", "idList": ["RHSA-2009:0001", "RHSA-2007:0939", "RHSA-2007:0376", "RHSA-2008:0787", "RHSA-2007:1049"]}, {"type": "suse", "idList": ["SUSE-SA:2008:017"]}, {"type": "f5", "idList": ["F5:K8171", "SOL8171", "SOL8921", "SOL8922"]}, {"type": "ubuntu", "idList": ["USN-518-1", "USN-578-1"]}], "modified": "2017-07-24T12:50:16", "rev": 2}, "vulnersScore": 8.3}, "pluginID": "60438", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1504_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1))\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several local and remote vulnerabilities have been discovered in the Linux\nkernel that may lead to a denial of service or the execution of arbitrary\ncode. For details, please visit the referenced security advisories.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\nDebian 3.1 (sarge)\nkernel-image-2.6.8-alpha 2.6.8-17sarge1\nkernel-image-2.6.8-amd64 2.6.8-17sarge1\nkernel-image-2.6.8-hppa 2.6.8-7sarge1\nkernel-image-2.6.8-i386 2.6.8-17sarge1\nkernel-image-2.6.8-ia64 2.6.8-15sarge1\nkernel-image-2.6.8-m68k 2.6.8-5sarge1\nkernel-image-2.6.8-s390 2.6.8-6sarge1\nkernel-image-2.6.8-sparc 2.6.8-16sarge1\nkernel-patch-powerpc-2.6.8 2.6.8-13sarge1\nfai-kernels 1.9.1sarge8\n\nWe recommend that you upgrade your kernel package immediately and reboot\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.6.8 (2.6.8-17sarge1)\nannounced via advisory DSA 1504-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201504-1\";\n\n\nif(description)\n{\n script_id(60438);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-28 02:09:28 +0100 (Thu, 28 Feb 2008)\");\n script_cve_id(\"CVE-2006-5823\", \"CVE-2006-6054\", \"CVE-2006-6058\", \"CVE-2006-7203\", \"CVE-2007-1353\", \"CVE-2007-2172\", \"CVE-2007-2525\", \"CVE-2007-3105\", \"CVE-2007-3739\", \"CVE-2007-3740\", \"CVE-2007-3848\", \"CVE-2007-4133\", \"CVE-2007-4308\", \"CVE-2007-4573\", \"CVE-2007-5093\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2007-6694\", \"CVE-2008-0007\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1504-1 (kernel-source-2.6.8 (2.6.8-17sarge1))\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.6.8\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.6.8-s390\", ver:\"2.6.8-6sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-tree-2.6.8\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.6.8\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-debian-2.6.8\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-generic\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-generic\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-13-em64t-p4-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-13-em64t-p4\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-13-amd64-generic\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-13-amd64-generic\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-13-amd64-k8-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-13-em64t-p4-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-13-amd64-k8\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-13\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-13-amd64-k8-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-13-amd64-k8\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-13-em64t-p4\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-64\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-64-smp\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-64-smp\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-32-smp\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-32-smp\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-32\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-32\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-64\", ver:\"2.6.8-7sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-k7-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-386\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-686\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-686-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-k7-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-386\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-k7\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-686-smp\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-686\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"fai-kernels\", ver:\"1.9.1sarge8\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-k7\", ver:\"2.6.8-17sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-itanium\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-itanium-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6-mckinley-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6-mckinley\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6-mckinley\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6-mckinley-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6-itanium\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-itanium\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-mckinley\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6-itanium-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-mckinley\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-mckinley-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-itanium-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6-itanium\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-mckinley-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6-itanium-smp\", ver:\"2.6.8-15sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-sun3\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-mvme16x\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-q40\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-amiga\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-hp\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-mac\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-mvme147\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-bvme6000\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-atari\", ver:\"2.6.8-5sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-power3-smp\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-power3\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-powerpc-smp\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-power4-smp\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.6.8-4-power3\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.6.8-4-powerpc\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.6.8-4-power4-smp\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-powerpc\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.6.8-4-power4\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.6.8-4-powerpc-smp\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.6.8-4-power3-smp\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-power4\", ver:\"2.6.8-13sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-s390x\", ver:\"2.6.8-6sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-s390\", ver:\"2.6.8-6sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-s390-tape\", ver:\"2.6.8-6sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-sparc64-smp\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-sparc32\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.6.8-4-sparc64\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-sparc32\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-sparc64-smp\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.6.8-4\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.6.8-4-sparc64\", ver:\"2.6.8-16sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}

{"nessus": [{"lastseen": "2021-01-06T09:44:57", "description": "Several local and remote vulnerabilities have been discovered in the\nLinux kernel that may lead to a denial of service or the execution of\narbitrary code. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2006-5823\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted cramfs filesystem.\n\n - CVE-2006-6054\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted ext2 filesystem.\n\n - CVE-2006-6058\n LMH reported an issue in the minix filesystem that\n allows local users with mount privileges to create a DoS\n (printk flood) by mounting a specially crafted corrupt\n filesystem.\n\n - CVE-2006-7203\n OpenVZ Linux kernel team reported an issue in the smbfs\n filesystem which can be exploited by local users to\n cause a DoS (oops) during mount.\n\n - CVE-2007-1353\n Ilja van Sprundel discovered that kernel memory could be\n leaked via the Bluetooth setsockopt call due to an\n uninitialized stack buffer. This could be used by local\n attackers to read the contents of sensitive kernel\n memory.\n\n - CVE-2007-2172\n Thomas Graf reported a typo in the DECnet protocol\n handler that could be used by a local attacker to\n overrun an array via crafted packets, potentially\n resulting in a Denial of Service (system crash). A\n similar issue exists in the IPV4 protocol handler and\n will be fixed in a subsequent update.\n\n - CVE-2007-2525\n Florian Zumbiehl discovered a memory leak in the PPPOE\n subsystem caused by releasing a socket before\n PPPIOCGCHAN is called upon it. This could be used by a\n local user to DoS a system by consuming all available\n memory.\n\n - CVE-2007-3105\n The PaX Team discovered a potential buffer overflow in\n the random number generator which may permit local users\n to cause a denial of service or gain additional\n privileges. This issue is not believed to effect default\n Debian installations where only root has sufficient\n privileges to exploit it.\n\n - CVE-2007-3739\n Adam Litke reported a potential local denial of service\n (oops) on powerpc platforms resulting from unchecked VMA\n expansion into address space reserved for hugetlb pages.\n\n - CVE-2007-3740\n Steve French reported that CIFS filesystems with\n CAP_UNIX enabled were not honoring a process' umask\n which may lead to unintentionally relaxed permissions.\n\n - CVE-2007-3848\n Wojciech Purczynski discovered that pdeath_signal was\n not being reset properly under certain conditions which\n may allow local users to gain privileges by sending\n arbitrary signals to suid binaries.\n\n - CVE-2007-4133\n Hugh Dickins discovered a potential local DoS (panic) in\n hugetlbfs. A misconversion of hugetlb_vmtruncate_list to\n prio_tree may allow local users to trigger a BUG_ON()\n call in exit_mmap.\n\n - CVE-2007-4308\n Alan Cox reported an issue in the aacraid driver that\n allows unprivileged local users to make ioctl calls\n which should be restricted to admin privileges.\n\n - CVE-2007-4573\n Wojciech Purczynski discovered a vulnerability that can\n be exploited by a local user to obtain superuser\n privileges on x86_64 systems. This resulted from\n improper clearing of the high bits of registers during\n ia32 system call emulation. This vulnerability is\n relevant to the Debian amd64 port as well as users of\n the i386 port who run the amd64 linux-image flavour.\n\n - CVE-2007-5093\n Alex Smith discovered an issue with the pwc driver for\n certain webcam devices. If the device is removed while a\n userspace application has it open, the driver will wait\n for userspace to close the device, resulting in a\n blocked USB subsystem. This issue is of low security\n impact as it requires the attacker to either have\n physical access to the system or to convince a user with\n local access to remove the device on their behalf.\n\n - CVE-2007-6063\n Venustech AD-LAB discovered a a buffer overflow in the\n isdn ioctl handling, exploitable by a local user.\n\n - CVE-2007-6151\n ADLAB discovered a possible memory overrun in the ISDN\n subsystem that may permit a local user to overwrite\n kernel memory by issuing ioctls with unterminated data.\n\n - CVE-2007-6206\n Blake Frantz discovered that when a core file owned by a\n non-root user exists, and a root-owned process dumps\n core over it, the core file retains its original\n ownership. This could be used by a local user to gain\n access to sensitive information.\n\n - CVE-2007-6694\n Cyrill Gorcunov reported a NULL pointer dereference in\n code specific to the CHRP PowerPC platforms. Local users\n could exploit this issue to achieve a Denial of Service\n (DoS).\n\n - CVE-2008-0007\n Nick Piggin of SuSE discovered a number of issues in\n subsystems which register a fault handler for memory\n mapped areas. This issue can be exploited by local users\n to achieve a Denial of Service (DoS) and possibly\n execute arbitrary code.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update :\n\n Debian 3.1 (sarge) \n kernel-image-2.6.8-alpha 2.6.8-17sarge1 \n kernel-image-2.6.8-amd64 2.6.8-17sarge1 \n kernel-image-2.6.8-hppa 2.6.8-7sarge1 \n kernel-image-2.6.8-i386 2.6.8-17sarge1 \n kernel-image-2.6.8-ia64 2.6.8-15sarge1 \n kernel-image-2.6.8-m68k 2.6.8-5sarge1 \n kernel-image-2.6.8-s390 2.6.8-6sarge1 \n kernel-image-2.6.8-sparc 2.6.8-16sarge1 \n kernel-patch-powerpc-2.6.8 2.6.8-13sarge1 \n fai-kernels 1.9.1sarge8", "edition": 27, "published": "2008-02-25T00:00:00", "title": "Debian DSA-1504-1 : kernel-source-2.6.8 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4573", "CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-1353", "CVE-2006-7203", "CVE-2007-4133", "CVE-2007-3105", "CVE-2007-6151", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2007-3740", "CVE-2006-5823", "CVE-2007-6694", "CVE-2006-6058", "CVE-2007-2525", "CVE-2007-6063"], "modified": "2008-02-25T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:kernel-source-2.6.8"], "id": "DEBIAN_DSA-1504.NASL", "href": "https://www.tenable.com/plugins/nessus/31148", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1504. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31148);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-5823\", \"CVE-2006-6054\", \"CVE-2006-6058\", \"CVE-2006-7203\", \"CVE-2007-1353\", \"CVE-2007-2172\", \"CVE-2007-2525\", \"CVE-2007-3105\", \"CVE-2007-3739\", \"CVE-2007-3740\", \"CVE-2007-3848\", \"CVE-2007-4133\", \"CVE-2007-4308\", \"CVE-2007-4573\", \"CVE-2007-5093\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2007-6694\", \"CVE-2008-0007\");\n script_xref(name:\"DSA\", value:\"1504\");\n\n script_name(english:\"Debian DSA-1504-1 : kernel-source-2.6.8 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several local and remote vulnerabilities have been discovered in the\nLinux kernel that may lead to a denial of service or the execution of\narbitrary code. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2006-5823\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted cramfs filesystem.\n\n - CVE-2006-6054\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted ext2 filesystem.\n\n - CVE-2006-6058\n LMH reported an issue in the minix filesystem that\n allows local users with mount privileges to create a DoS\n (printk flood) by mounting a specially crafted corrupt\n filesystem.\n\n - CVE-2006-7203\n OpenVZ Linux kernel team reported an issue in the smbfs\n filesystem which can be exploited by local users to\n cause a DoS (oops) during mount.\n\n - CVE-2007-1353\n Ilja van Sprundel discovered that kernel memory could be\n leaked via the Bluetooth setsockopt call due to an\n uninitialized stack buffer. This could be used by local\n attackers to read the contents of sensitive kernel\n memory.\n\n - CVE-2007-2172\n Thomas Graf reported a typo in the DECnet protocol\n handler that could be used by a local attacker to\n overrun an array via crafted packets, potentially\n resulting in a Denial of Service (system crash). A\n similar issue exists in the IPV4 protocol handler and\n will be fixed in a subsequent update.\n\n - CVE-2007-2525\n Florian Zumbiehl discovered a memory leak in the PPPOE\n subsystem caused by releasing a socket before\n PPPIOCGCHAN is called upon it. This could be used by a\n local user to DoS a system by consuming all available\n memory.\n\n - CVE-2007-3105\n The PaX Team discovered a potential buffer overflow in\n the random number generator which may permit local users\n to cause a denial of service or gain additional\n privileges. This issue is not believed to effect default\n Debian installations where only root has sufficient\n privileges to exploit it.\n\n - CVE-2007-3739\n Adam Litke reported a potential local denial of service\n (oops) on powerpc platforms resulting from unchecked VMA\n expansion into address space reserved for hugetlb pages.\n\n - CVE-2007-3740\n Steve French reported that CIFS filesystems with\n CAP_UNIX enabled were not honoring a process' umask\n which may lead to unintentionally relaxed permissions.\n\n - CVE-2007-3848\n Wojciech Purczynski discovered that pdeath_signal was\n not being reset properly under certain conditions which\n may allow local users to gain privileges by sending\n arbitrary signals to suid binaries.\n\n - CVE-2007-4133\n Hugh Dickins discovered a potential local DoS (panic) in\n hugetlbfs. A misconversion of hugetlb_vmtruncate_list to\n prio_tree may allow local users to trigger a BUG_ON()\n call in exit_mmap.\n\n - CVE-2007-4308\n Alan Cox reported an issue in the aacraid driver that\n allows unprivileged local users to make ioctl calls\n which should be restricted to admin privileges.\n\n - CVE-2007-4573\n Wojciech Purczynski discovered a vulnerability that can\n be exploited by a local user to obtain superuser\n privileges on x86_64 systems. This resulted from\n improper clearing of the high bits of registers during\n ia32 system call emulation. This vulnerability is\n relevant to the Debian amd64 port as well as users of\n the i386 port who run the amd64 linux-image flavour.\n\n - CVE-2007-5093\n Alex Smith discovered an issue with the pwc driver for\n certain webcam devices. If the device is removed while a\n userspace application has it open, the driver will wait\n for userspace to close the device, resulting in a\n blocked USB subsystem. This issue is of low security\n impact as it requires the attacker to either have\n physical access to the system or to convince a user with\n local access to remove the device on their behalf.\n\n - CVE-2007-6063\n Venustech AD-LAB discovered a a buffer overflow in the\n isdn ioctl handling, exploitable by a local user.\n\n - CVE-2007-6151\n ADLAB discovered a possible memory overrun in the ISDN\n subsystem that may permit a local user to overwrite\n kernel memory by issuing ioctls with unterminated data.\n\n - CVE-2007-6206\n Blake Frantz discovered that when a core file owned by a\n non-root user exists, and a root-owned process dumps\n core over it, the core file retains its original\n ownership. This could be used by a local user to gain\n access to sensitive information.\n\n - CVE-2007-6694\n Cyrill Gorcunov reported a NULL pointer dereference in\n code specific to the CHRP PowerPC platforms. Local users\n could exploit this issue to achieve a Denial of Service\n (DoS).\n\n - CVE-2008-0007\n Nick Piggin of SuSE discovered a number of issues in\n subsystems which register a fault handler for memory\n mapped areas. This issue can be exploited by local users\n to achieve a Denial of Service (DoS) and possibly\n execute arbitrary code.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update :\n\n Debian 3.1 (sarge) \n kernel-image-2.6.8-alpha 2.6.8-17sarge1 \n kernel-image-2.6.8-amd64 2.6.8-17sarge1 \n kernel-image-2.6.8-hppa 2.6.8-7sarge1 \n kernel-image-2.6.8-i386 2.6.8-17sarge1 \n kernel-image-2.6.8-ia64 2.6.8-15sarge1 \n kernel-image-2.6.8-m68k 2.6.8-5sarge1 \n kernel-image-2.6.8-s390 2.6.8-6sarge1 \n kernel-image-2.6.8-sparc 2.6.8-16sarge1 \n kernel-patch-powerpc-2.6.8 2.6.8-13sarge1 \n fai-kernels 1.9.1sarge8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-5823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-6054\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-6058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-7203\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4133\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4573\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-5093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2008/dsa-1504\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel package immediately and reboot the machine. If you\nhave built a custom kernel from the kernel source package, you will\nneed to rebuild to take advantage of these fixes.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(16, 20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.6.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"fai-kernels\", reference:\"1.9.1sarge8\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.6.8-4\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.6.8-4-power3\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.6.8-4-power3-smp\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.6.8-4-power4\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.6.8-4-power4-smp\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.6.8-4-powerpc\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.6.8-4-powerpc-smp\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-doc-2.6.8\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6-itanium\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6-itanium-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6-mckinley\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6-mckinley-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-13\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-13-amd64-generic\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-13-amd64-k8\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-13-amd64-k8-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-13-em64t-p4\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-13-em64t-p4-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-32\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-32-smp\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-386\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-64\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-64-smp\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-686\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-686-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-generic\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-itanium\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-itanium-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-k7\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-k7-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-mckinley\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-mckinley-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-sparc32\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-sparc64\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.6.8-4-sparc64-smp\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6-itanium\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6-itanium-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6-mckinley\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6-mckinley-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-13-amd64-generic\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-13-amd64-k8\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-13-amd64-k8-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-13-em64t-p4\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-13-em64t-p4-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-32\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-32-smp\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-386\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-64\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-64-smp\", reference:\"2.6.8-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-686\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-686-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-generic\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-itanium\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-itanium-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-k7\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-k7-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-mckinley\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-mckinley-smp\", reference:\"2.6.8-15sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-power3\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-power3-smp\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-power4\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-power4-smp\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-powerpc\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-powerpc-smp\", reference:\"2.6.8-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-s390\", reference:\"2.6.8-6sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-s390-tape\", reference:\"2.6.8-6sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-s390x\", reference:\"2.6.8-6sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-smp\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-sparc32\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-sparc64\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-4-sparc64-smp\", reference:\"2.6.8-16sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-amiga\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-atari\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-bvme6000\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-hp\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-mac\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-mvme147\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-mvme16x\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-q40\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.6.8-sun3\", reference:\"2.6.8-5sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-2.6.8-s390\", reference:\"2.6.8-6sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-debian-2.6.8\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-source-2.6.8\", reference:\"2.6.8-17sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-tree-2.6.8\", reference:\"2.6.8-17sarge1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:44:57", "description": "Several local and remote vulnerabilities have been discovered in the\nLinux kernel that may lead to a denial of service or the execution of\narbitrary code. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2004-2731\n infamous41md reported multiple integer overflows in the\n Sbus PROM driver that would allow for a DoS (Denial of\n Service) attack by a local user, and possibly the\n execution of arbitrary code.\n\n - CVE-2006-4814\n Doug Chapman discovered a potential local DoS (deadlock)\n in the mincore function caused by improper lock\n handling.\n\n - CVE-2006-5753\n Eric Sandeen provided a fix for a local memory\n corruption vulnerability resulting from a\n misinterpretation of return values when operating on\n inodes which have been marked bad.\n\n - CVE-2006-5823\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted cramfs filesystem.\n\n - CVE-2006-6053\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted ext3 filesystem.\n\n - CVE-2006-6054\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted ext2 filesystem.\n\n - CVE-2006-6106\n Marcel Holtman discovered multiple buffer overflows in\n the Bluetooth subsystem which can be used to trigger a\n remote DoS (crash) and potentially execute arbitrary\n code.\n\n - CVE-2007-1353\n Ilja van Sprundel discovered that kernel memory could be\n leaked via the Bluetooth setsockopt call due to an\n uninitialized stack buffer. This could be used by local\n attackers to read the contents of sensitive kernel\n memory.\n\n - CVE-2007-1592\n Masayuki Nakagawa discovered that flow labels were\n inadvertently being shared between listening sockets and\n child sockets. This defect can be exploited by local\n users to cause a DoS (Oops).\n\n - CVE-2007-2172\n Thomas Graf reported a typo in the DECnet protocol\n handler that could be used by a local attacker to\n overrun an array via crafted packets, potentially\n resulting in a Denial of Service (system crash). A\n similar issue exists in the IPV4 protocol handler and\n will be fixed in a subsequent update.\n\n - CVE-2007-2525\n Florian Zumbiehl discovered a memory leak in the PPPOE\n subsystem caused by releasing a socket before\n PPPIOCGCHAN is called upon it. This could be used by a\n local user to DoS a system by consuming all available\n memory.\n\n - CVE-2007-3848\n Wojciech Purczynski discovered that pdeath_signal was\n not being reset properly under certain conditions which\n may allow local users to gain privileges by sending\n arbitrary signals to suid binaries.\n\n - CVE-2007-4308\n Alan Cox reported an issue in the aacraid driver that\n allows unprivileged local users to make ioctl calls\n which should be restricted to admin privileges.\n\n - CVE-2007-4311\n PaX team discovered an issue in the random driver where\n a defect in the reseeding code leads to a reduction in\n entropy.\n\n - CVE-2007-5093\n Alex Smith discovered an issue with the pwc driver for\n certain webcam devices. If the device is removed while a\n userspace application has it open, the driver will wait\n for userspace to close the device, resulting in a\n blocked USB subsystem. This issue is of low security\n impact as it requires the attacker to either have\n physical access to the system or to convince a user with\n local access to remove the device on their behalf.\n\n - CVE-2007-6063\n Venustech AD-LAB discovered a a buffer overflow in the\n isdn ioctl handling, exploitable by a local user.\n\n - CVE-2007-6151\n ADLAB discovered a possible memory overrun in the ISDN\n subsystem that may permit a local user to overwrite\n kernel memory by issuing ioctls with unterminated data.\n\n - CVE-2007-6206\n Blake Frantz discovered that when a core file owned by a\n non-root user exists, and a root-owned process dumps\n core over it, the core file retains its original\n ownership. This could be used by a local user to gain\n access to sensitive information.\n\n - CVE-2007-6694\n Cyrill Gorcunov reported a NULL pointer dereference in\n code specific to the CHRP PowerPC platforms. Local users\n could exploit this issue to achieve a Denial of Service\n (DoS).\n\n - CVE-2008-0007\n Nick Piggin of SuSE discovered a number of issues in\n subsystems which register a fault handler for memory\n mapped areas. This issue can be exploited by local users\n to achieve a Denial of Service (DoS) and possibly\n execute arbitrary code.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update :\n\n Debian 3.1 (sarge) \n alsa-modules-i386 1.0.8+2sarge2 \n kernel-image-2.4.27-arm 2.4.27-2sarge6 \n kernel-image-2.4.27-m68k 2.4.27-3sarge6 \n kernel-image-speakup-i386 2.4.27-1.1sarge5 \n kernel-image-2.4.27-alpha 2.4.27-10sarge6 \n kernel-image-2.4.27-s390 2.4.27-2sarge6 \n kernel-image-2.4.27-sparc 2.4.27-9sarge6 \n kernel-image-2.4.27-i386 2.4.27-10sarge6 \n kernel-image-2.4.27-ia64 2.4.27-10sarge6 \n kernel-patch-2.4.27-mips 2.4.27-10.sarge4.040815-3 \n kernel-patch-powerpc-2.4.27 2.4.27-10sarge6 \n kernel-latest-2.4-alpha 101sarge3 \n kernel-latest-2.4-i386 101sarge2 \n kernel-latest-2.4-s390 2.4.27-1sarge2 \n kernel-latest-2.4-sparc 42sarge3 \n i2c 1:2.9.1-1sarge2 \n lm-sensors 1:2.9.1-1sarge4 \n mindi-kernel 2.4.27-2sarge5 \n pcmcia-modules-2.4.27-i386 3.2.5+2sarge2 \n hostap-modules-i386 1:0.3.7-1sarge3 \n systemimager 3.2.3-6sarge5", "edition": 26, "published": "2008-02-25T00:00:00", "title": "Debian DSA-1503-1 : kernel-source-2.4.27 - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-4311", "CVE-2007-1353", "CVE-2006-4814", "CVE-2007-6151", "CVE-2004-2731", "CVE-2006-6106", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-1592", "CVE-2006-6053", "CVE-2007-6206", "CVE-2006-5753", "CVE-2006-5823", "CVE-2007-6694", "CVE-2007-2525", "CVE-2007-6063"], "modified": "2008-02-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:kernel-source-2.4.27", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-1503.NASL", "href": "https://www.tenable.com/plugins/nessus/31147", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1503. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31147);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2004-2731\", \"CVE-2006-4814\", \"CVE-2006-5753\", \"CVE-2006-5823\", \"CVE-2006-6053\", \"CVE-2006-6054\", \"CVE-2006-6106\", \"CVE-2007-1353\", \"CVE-2007-1592\", \"CVE-2007-2172\", \"CVE-2007-2525\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-4311\", \"CVE-2007-5093\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2007-6694\", \"CVE-2008-0007\");\n script_bugtraq_id(23870, 25216, 25387, 26605, 26701, 27497, 27686);\n script_xref(name:\"DSA\", value:\"1503\");\n\n script_name(english:\"Debian DSA-1503-1 : kernel-source-2.4.27 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several local and remote vulnerabilities have been discovered in the\nLinux kernel that may lead to a denial of service or the execution of\narbitrary code. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2004-2731\n infamous41md reported multiple integer overflows in the\n Sbus PROM driver that would allow for a DoS (Denial of\n Service) attack by a local user, and possibly the\n execution of arbitrary code.\n\n - CVE-2006-4814\n Doug Chapman discovered a potential local DoS (deadlock)\n in the mincore function caused by improper lock\n handling.\n\n - CVE-2006-5753\n Eric Sandeen provided a fix for a local memory\n corruption vulnerability resulting from a\n misinterpretation of return values when operating on\n inodes which have been marked bad.\n\n - CVE-2006-5823\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted cramfs filesystem.\n\n - CVE-2006-6053\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted ext3 filesystem.\n\n - CVE-2006-6054\n LMH reported a potential local DoS which could be\n exploited by a malicious user with the privileges to\n mount and read a corrupted ext2 filesystem.\n\n - CVE-2006-6106\n Marcel Holtman discovered multiple buffer overflows in\n the Bluetooth subsystem which can be used to trigger a\n remote DoS (crash) and potentially execute arbitrary\n code.\n\n - CVE-2007-1353\n Ilja van Sprundel discovered that kernel memory could be\n leaked via the Bluetooth setsockopt call due to an\n uninitialized stack buffer. This could be used by local\n attackers to read the contents of sensitive kernel\n memory.\n\n - CVE-2007-1592\n Masayuki Nakagawa discovered that flow labels were\n inadvertently being shared between listening sockets and\n child sockets. This defect can be exploited by local\n users to cause a DoS (Oops).\n\n - CVE-2007-2172\n Thomas Graf reported a typo in the DECnet protocol\n handler that could be used by a local attacker to\n overrun an array via crafted packets, potentially\n resulting in a Denial of Service (system crash). A\n similar issue exists in the IPV4 protocol handler and\n will be fixed in a subsequent update.\n\n - CVE-2007-2525\n Florian Zumbiehl discovered a memory leak in the PPPOE\n subsystem caused by releasing a socket before\n PPPIOCGCHAN is called upon it. This could be used by a\n local user to DoS a system by consuming all available\n memory.\n\n - CVE-2007-3848\n Wojciech Purczynski discovered that pdeath_signal was\n not being reset properly under certain conditions which\n may allow local users to gain privileges by sending\n arbitrary signals to suid binaries.\n\n - CVE-2007-4308\n Alan Cox reported an issue in the aacraid driver that\n allows unprivileged local users to make ioctl calls\n which should be restricted to admin privileges.\n\n - CVE-2007-4311\n PaX team discovered an issue in the random driver where\n a defect in the reseeding code leads to a reduction in\n entropy.\n\n - CVE-2007-5093\n Alex Smith discovered an issue with the pwc driver for\n certain webcam devices. If the device is removed while a\n userspace application has it open, the driver will wait\n for userspace to close the device, resulting in a\n blocked USB subsystem. This issue is of low security\n impact as it requires the attacker to either have\n physical access to the system or to convince a user with\n local access to remove the device on their behalf.\n\n - CVE-2007-6063\n Venustech AD-LAB discovered a a buffer overflow in the\n isdn ioctl handling, exploitable by a local user.\n\n - CVE-2007-6151\n ADLAB discovered a possible memory overrun in the ISDN\n subsystem that may permit a local user to overwrite\n kernel memory by issuing ioctls with unterminated data.\n\n - CVE-2007-6206\n Blake Frantz discovered that when a core file owned by a\n non-root user exists, and a root-owned process dumps\n core over it, the core file retains its original\n ownership. This could be used by a local user to gain\n access to sensitive information.\n\n - CVE-2007-6694\n Cyrill Gorcunov reported a NULL pointer dereference in\n code specific to the CHRP PowerPC platforms. Local users\n could exploit this issue to achieve a Denial of Service\n (DoS).\n\n - CVE-2008-0007\n Nick Piggin of SuSE discovered a number of issues in\n subsystems which register a fault handler for memory\n mapped areas. This issue can be exploited by local users\n to achieve a Denial of Service (DoS) and possibly\n execute arbitrary code.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update :\n\n Debian 3.1 (sarge) \n alsa-modules-i386 1.0.8+2sarge2 \n kernel-image-2.4.27-arm 2.4.27-2sarge6 \n kernel-image-2.4.27-m68k 2.4.27-3sarge6 \n kernel-image-speakup-i386 2.4.27-1.1sarge5 \n kernel-image-2.4.27-alpha 2.4.27-10sarge6 \n kernel-image-2.4.27-s390 2.4.27-2sarge6 \n kernel-image-2.4.27-sparc 2.4.27-9sarge6 \n kernel-image-2.4.27-i386 2.4.27-10sarge6 \n kernel-image-2.4.27-ia64 2.4.27-10sarge6 \n kernel-patch-2.4.27-mips 2.4.27-10.sarge4.040815-3 \n kernel-patch-powerpc-2.4.27 2.4.27-10sarge6 \n kernel-latest-2.4-alpha 101sarge3 \n kernel-latest-2.4-i386 101sarge2 \n kernel-latest-2.4-s390 2.4.27-1sarge2 \n kernel-latest-2.4-sparc 42sarge3 \n i2c 1:2.9.1-1sarge2 \n lm-sensors 1:2.9.1-1sarge4 \n mindi-kernel 2.4.27-2sarge5 \n pcmcia-modules-2.4.27-i386 3.2.5+2sarge2 \n hostap-modules-i386 1:0.3.7-1sarge3 \n systemimager 3.2.3-6sarge5\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2004-2731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-4814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-5753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-5823\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-6053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-6054\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2006-6106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-1592\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-2525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-3848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-4311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-5093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2007-6694\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-0007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2008/dsa-1503\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel package immediately and reboot the machine. If you\nhave built a custom kernel from the kernel source package, you will\nneed to rebuild to take advantage of these fixes.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 20, 119, 189, 310, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.4.27\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/25\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/03/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.4.27-4-386\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.4.27-4-586tsc\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.4.27-4-686\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.4.27-4-686-smp\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.4.27-4-k6\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.4.27-4-k7\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.4.27-4-k7-smp\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.6.8-4-386\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.6.8-4-686\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.6.8-4-686-smp\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.6.8-4-k7\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"hostap-modules-2.6.8-4-k7-smp\", reference:\"0.3.7-1sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-2.4.27-4-386\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-2.4.27-4-586tsc\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-2.4.27-4-686\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-2.4.27-4-686-smp\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-2.4.27-4-k6\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-2.4.27-4-k7\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-2.4.27-4-k7-smp\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"i2c-source\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.4.27\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.4.27-4\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.4.27-apus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.4.27-nubus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.4.27-powerpc\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.4.27-powerpc-small\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-build-2.4.27-powerpc-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-doc-2.4.27\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-doc-2.4.27-speakup\", reference:\"2.4.27-1.1sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-386\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-586tsc\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-686\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-686-smp\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-generic\", reference:\"101sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-k6\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-k7\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-k7-smp\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-s390\", reference:\"2.4.27-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-smp\", reference:\"101sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-sparc32\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-sparc32-smp\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-sparc64\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4-sparc64-smp\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-386\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-586tsc\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-686\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-686-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-generic\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-itanium\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-itanium-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-k6\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-k7\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-k7-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-mckinley\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-mckinley-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-sparc32\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-sparc32-smp\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-sparc64\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-4-sparc64-smp\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-apus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-nubus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-powerpc\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-headers-2.4.27-speakup\", reference:\"2.4.27-1.1sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-386\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-586tsc\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-686\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-686-smp\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-generic\", reference:\"101sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-itanium\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-itanium-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-k6\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-k7\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-k7-smp\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-mckinley\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-mckinley-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-s390\", reference:\"2.4.27-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-s390x\", reference:\"2.4.27-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-smp\", reference:\"101sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-sparc32\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-sparc32-smp\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-sparc64\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4-sparc64-smp\", reference:\"42sarge3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-386\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-586tsc\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-686\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-686-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-generic\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-itanium\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-itanium-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-k6\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-k7\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-k7-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-mckinley\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-mckinley-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-s390\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-s390-tape\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-s390x\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-sparc32\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-sparc32-smp\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-sparc64\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-4-sparc64-smp\", reference:\"2.4.27-9sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-amiga\", reference:\"2.4.27-3sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-apus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-atari\", reference:\"2.4.27-3sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-bast\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-bvme6000\", reference:\"2.4.27-3sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-lart\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-mac\", reference:\"2.4.27-3sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-mvme147\", reference:\"2.4.27-3sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-mvme16x\", reference:\"2.4.27-3sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-netwinder\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-nubus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-powerpc\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-powerpc-small\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-powerpc-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-q40\", reference:\"2.4.27-3sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-r3k-kn02\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-r4k-ip22\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-r4k-kn04\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-r5k-cobalt\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-r5k-ip22\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-r5k-lasat\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-riscpc\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-riscstation\", reference:\"2.4.27-2sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-sb1-swarm-bn\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-speakup\", reference:\"2.4.27-1.1sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-image-2.4.27-xxs1500\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-2.4-i2c\", reference:\"2.9.1-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-2.4-lm-sensors\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-2.4.27-apus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-2.4.27-nubus\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-2.4.27-powerpc\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-patch-debian-2.4.27\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4-386\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4-586tsc\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4-686\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4-686-smp\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4-k6\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4-k7\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4-k7-smp\", reference:\"101sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4.27-4-386\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4.27-4-586tsc\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4.27-4-686\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4.27-4-686-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4.27-4-k6\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4.27-4-k7\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-pcmcia-modules-2.4.27-4-k7-smp\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-source-2.4.27\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"kernel-tree-2.4.27\", reference:\"2.4.27-10sarge6\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libsensors-dev\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libsensors3\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-2.4.27-4-386\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-2.4.27-4-586tsc\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-2.4.27-4-686\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-2.4.27-4-686-smp\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-2.4.27-4-k6\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-2.4.27-4-k7\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-2.4.27-4-k7-smp\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"lm-sensors-source\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mindi-kernel\", reference:\"2.4.27-2sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"mips-tools\", reference:\"2.4.27-10.sarge4.040815-3\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pcmcia-modules-2.4.27-4-386\", reference:\"3.2.5+2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pcmcia-modules-2.4.27-4-586tsc\", reference:\"3.2.5+2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pcmcia-modules-2.4.27-4-686\", reference:\"3.2.5+2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pcmcia-modules-2.4.27-4-686-smp\", reference:\"3.2.5+2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pcmcia-modules-2.4.27-4-k6\", reference:\"3.2.5+2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pcmcia-modules-2.4.27-4-k7\", reference:\"3.2.5+2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pcmcia-modules-2.4.27-4-k7-smp\", reference:\"3.2.5+2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"sensord\", reference:\"2.9.1-1sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"systemimager-boot-i386-standard\", reference:\"3.2.3-6sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"systemimager-boot-ia64-standard\", reference:\"3.2.3-6sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"systemimager-client\", reference:\"3.2.3-6sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"systemimager-common\", reference:\"3.2.3-6sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"systemimager-doc\", reference:\"3.2.3-6sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"systemimager-server\", reference:\"3.2.3-6sarge5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"systemimager-server-flamethrowerd\", reference:\"3.2.3-6sarge5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:43:48", "description": "A flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n - a bug in the TCP header prediction code may have caused\n 'TCP: Treason uncloaked!' messages to be logged. In\n certain situations this may have lead to TCP connections\n hanging or aborting.", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : kernel on SL3.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20071203_KERNEL_ON_SL3.NASL", "href": "https://www.tenable.com/plugins/nessus/60321", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60321);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4538\", \"CVE-2007-2172\", \"CVE-2007-3739\", \"CVE-2007-3848\", \"CVE-2007-4308\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL3.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n - a bug in the TCP header prediction code may have caused\n 'TCP: Treason uncloaked!' messages to be logged. In\n certain situations this may have lead to TCP connections\n hanging or aborting.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0712&L=scientific-linux-errata&T=0&P=773\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d5694e67\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"kernel-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-doc-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-smp-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-source-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"kernel-unsupported-2.4.21-53.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:05:56", "description": "Updated kernel packages that fix several security issues and a bug in\nthe Red Hat Enterprise Linux 3 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* a bug in the TCP header prediction code may have caused 'TCP:\nTreason uncloaked!' messages to be logged. In certain situations this\nmay have lead to TCP connections hanging or aborting.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 28, "published": "2007-12-04T00:00:00", "title": "RHEL 3 : kernel (RHSA-2007:1049)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "modified": "2007-12-04T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "p-cpe:/a:redhat:enterprise_linux:kernel-BOOT", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "id": "REDHAT-RHSA-2007-1049.NASL", "href": "https://www.tenable.com/plugins/nessus/29203", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1049. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29203);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4538\", \"CVE-2007-2172\", \"CVE-2007-3739\", \"CVE-2007-3848\", \"CVE-2007-4308\");\n script_bugtraq_id(19702, 25216, 25387);\n script_xref(name:\"RHSA\", value:\"2007:1049\");\n\n script_name(english:\"RHEL 3 : kernel (RHSA-2007:1049)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and a bug in\nthe Red Hat Enterprise Linux 3 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* a bug in the TCP header prediction code may have caused 'TCP:\nTreason uncloaked!' messages to be logged. In certain situations this\nmay have lead to TCP connections hanging or aborting.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:1049\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-4538\", \"CVE-2007-2172\", \"CVE-2007-3739\", \"CVE-2007-3848\", \"CVE-2007-4308\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2007:1049\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:1049\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-doc-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-unsupported-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-unsupported-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-source-2.4.21-53.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-unsupported-2.4.21-53.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:44:04", "description": "From Red Hat Security Advisory 2007:1049 :\n\nUpdated kernel packages that fix several security issues and a bug in\nthe Red Hat Enterprise Linux 3 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* a bug in the TCP header prediction code may have caused 'TCP:\nTreason uncloaked!' messages to be logged. In certain situations this\nmay have lead to TCP connections hanging or aborting.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : kernel (ELSA-2007-1049)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-unsupported", "p-cpe:/a:oracle:linux:kernel-smp", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:kernel-BOOT", "p-cpe:/a:oracle:linux:kernel-source", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-smp-unsupported", "p-cpe:/a:oracle:linux:kernel-hugemem-unsupported"], "id": "ORACLELINUX_ELSA-2007-1049.NASL", "href": "https://www.tenable.com/plugins/nessus/67609", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:1049 and \n# Oracle Linux Security Advisory ELSA-2007-1049 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67609);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4538\", \"CVE-2007-2172\", \"CVE-2007-3739\", \"CVE-2007-3848\", \"CVE-2007-4308\");\n script_bugtraq_id(19702, 25216, 25387);\n script_xref(name:\"RHSA\", value:\"2007:1049\");\n\n script_name(english:\"Oracle Linux 3 : kernel (ELSA-2007-1049)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:1049 :\n\nUpdated kernel packages that fix several security issues and a bug in\nthe Red Hat Enterprise Linux 3 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* a bug in the TCP header prediction code may have caused 'TCP:\nTreason uncloaked!' messages to be logged. In certain situations this\nmay have lead to TCP connections hanging or aborting.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-December/000432.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-4538\", \"CVE-2007-2172\", \"CVE-2007-3739\", \"CVE-2007-3848\", \"CVE-2007-4308\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2007-1049\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.4\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-BOOT-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-doc-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-doc-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-doc-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-hugemem-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-smp-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-source-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-source-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-source-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"kernel-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_exists(release:\"EL3\", rpm:\"kernel-unsupported-2.4.21\") && rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"kernel-unsupported-2.4.21-53.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:25:13", "description": "Updated kernel packages that fix several security issues and a bug in\nthe Red Hat Enterprise Linux 3 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* a bug in the TCP header prediction code may have caused 'TCP:\nTreason uncloaked!' messages to be logged. In certain situations this\nmay have lead to TCP connections hanging or aborting.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.", "edition": 28, "published": "2007-12-04T00:00:00", "title": "CentOS 3 : kernel (CESA-2007:1049)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "modified": "2007-12-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-hugemem-unsupported", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-BOOT", "p-cpe:/a:centos:centos:kernel-smp-unsupported", "p-cpe:/a:centos:centos:kernel-source", "p-cpe:/a:centos:centos:kernel-unsupported", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2007-1049.NASL", "href": "https://www.tenable.com/plugins/nessus/29190", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1049 and \n# CentOS Errata and Security Advisory 2007:1049 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29190);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-4538\", \"CVE-2007-2172\", \"CVE-2007-3739\", \"CVE-2007-3848\", \"CVE-2007-4308\");\n script_bugtraq_id(19702, 25216, 25387);\n script_xref(name:\"RHSA\", value:\"2007:1049\");\n\n script_name(english:\"CentOS 3 : kernel (CESA-2007:1049)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and a bug in\nthe Red Hat Enterprise Linux 3 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\nA flaw was found in the IPv4 forwarding base. This allowed a local\nuser to cause a denial of service. (CVE-2007-2172, Important)\n\nA flaw was found where a corrupted executable file could cause\ncross-region memory mappings on Itanium systems. This allowed a local\nuser to cause a denial of service. (CVE-2006-4538, Moderate)\n\nA flaw was found in the stack expansion when using the hugetlb kernel\non PowerPC systems. This allowed a local user to cause a denial of\nservice. (CVE-2007-3739, Moderate)\n\nA flaw was found in the aacraid SCSI driver. This allowed a local user\nto make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\nAs well, these updated packages fix the following bug :\n\n* a bug in the TCP header prediction code may have caused 'TCP:\nTreason uncloaked!' messages to be logged. In certain situations this\nmay have lead to TCP connections hanging or aborting.\n\nRed Hat Enterprise Linux 3 users are advised to upgrade to these\nupdated packages, which contain backported patches to resolve these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-December/014479.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c43460dc\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-December/014480.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3125227c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-December/014486.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e2283a2f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-doc-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-hugemem-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"kernel-smp-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-source-2.4.21-53.EL\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"kernel-unsupported-2.4.21-53.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:06:24", "description": "Updated kernel packages that fix a number of security issues are now\navailable for Red Hat Enterprise Linux 2.1 running on 32-bit\narchitectures.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* a flaw was found in the IPv4 forwarding base. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2007-2172,\nImportant)\n\n* a flaw was found in the handling of process death signals. This\nallowed a local, unprivileged user to send arbitrary signals to the\nsuid-process executed by that user. Successful exploitation of this\nflaw depends on the structure of the suid-program and its signal\nhandling. (CVE-2007-3848, Important)\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal, unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a denial of\nservice. (CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local, unprivileged user to bypass intended capability\nrestrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or\nftruncate(). This could allow a local, unprivileged user to acquire\nthe privileges of a different group and obtain access to sensitive\ninformation. (CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local,\nunprivileged user to cause a denial of service. (CVE-2006-4814,\nModerate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local,\nunprivileged user to make ioctl calls to the driver which should\notherwise be restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services\nDigital Network (ISDN) subsystem. A local, unprivileged user could use\nthese flaws to cause a denial of service. (CVE-2007-6063,\nCVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a\nlocal, unprivileged user could make a root-owned process dump a core\nfile into a user-writable directory, the user could gain read access\nto that core file, potentially compromising sensitive information.\n(CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures\nshould upgrade to these updated packages which address these\nvulnerabilities. For this update to take effect, the system must be\nrebooted.", "edition": 27, "published": "2009-01-09T00:00:00", "title": "RHEL 2.1 : kernel (RHSA-2009:0001)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "modified": "2009-01-09T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-BOOT", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-source", "p-cpe:/a:redhat:enterprise_linux:kernel-summit", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-enterprise"], "id": "REDHAT-RHSA-2009-0001.NASL", "href": "https://www.tenable.com/plugins/nessus/35323", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0001. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35323);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_bugtraq_id(21663, 25216, 25387, 26605, 26701, 27497, 27686, 29235, 30647, 31368);\n script_xref(name:\"RHSA\", value:\"2009:0001\");\n\n script_name(english:\"RHEL 2.1 : kernel (RHSA-2009:0001)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix a number of security issues are now\navailable for Red Hat Enterprise Linux 2.1 running on 32-bit\narchitectures.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues :\n\n* a flaw was found in the IPv4 forwarding base. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2007-2172,\nImportant)\n\n* a flaw was found in the handling of process death signals. This\nallowed a local, unprivileged user to send arbitrary signals to the\nsuid-process executed by that user. Successful exploitation of this\nflaw depends on the structure of the suid-program and its signal\nhandling. (CVE-2007-3848, Important)\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A\nlocal, unprivileged user could use this flaw to gain read or write\naccess to arbitrary kernel memory, or possibly cause a denial of\nservice. (CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2008-2136,\nImportant)\n\n* missing capability checks were found in the SBNI WAN driver which\ncould allow a local, unprivileged user to bypass intended capability\nrestrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or\nftruncate(). This could allow a local, unprivileged user to acquire\nthe privileges of a different group and obtain access to sensitive\ninformation. (CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local,\nunprivileged user to cause a denial of service. (CVE-2006-4814,\nModerate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local,\nunprivileged user to make ioctl calls to the driver which should\notherwise be restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services\nDigital Network (ISDN) subsystem. A local, unprivileged user could use\nthese flaws to cause a denial of service. (CVE-2007-6063,\nCVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a\nlocal, unprivileged user could make a root-owned process dump a core\nfile into a user-writable directory, the user could gain read access\nto that core file, potentially compromising sensitive information.\n(CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to attempt\nfile creation within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures\nshould upgrade to these updated packages which address these\nvulnerabilities. For this update to take effect, the system must be\nrebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2006-4814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-2172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-6206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-0007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3275\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4210\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0001\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-enterprise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-summit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/12/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0001\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0001\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-debug-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-doc-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-enterprise-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-headers-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-smp-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"kernel-source-2.4.9-e.74\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i686\", reference:\"kernel-summit-2.4.9-e.74\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-debug / kernel-doc / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T15:44:08", "description": "The minix filesystem did not properly validate certain filesystem\nvalues. If a local attacker could trick the system into attempting to\nmount a corrupted minix filesystem, the kernel could be made to hang\nfor long periods of time, resulting in a denial of service.\n(CVE-2006-6058)\n\nAlexander Schulze discovered that the skge driver does not properly\nuse the spin_lock and spin_unlock functions. Remote attackers could\nexploit this by sending a flood of network traffic and cause a denial\nof service (crash). (CVE-2006-7229)\n\nHugh Dickins discovered that hugetlbfs performed certain prio_tree\ncalculations using HPAGE_SIZE instead of PAGE_SIZE. A local user could\nexploit this and cause a denial of service via kernel panic.\n(CVE-2007-4133)\n\nChris Evans discovered an issue with certain drivers that use the\nieee80211_rx function. Remote attackers could send a crafted 802.11\nframe and cause a denial of service via crash. (CVE-2007-4997)\n\nAlex Smith discovered an issue with the pwc driver for certain webcam\ndevices. A local user with physical access to the system could remove\nthe device while a userspace application had it open and cause the USB\nsubsystem to block. (CVE-2007-5093)\n\nScott James Remnant discovered a coding error in ptrace. Local users\ncould exploit this and cause the kernel to enter an infinite loop.\n(CVE-2007-5500)\n\nVenustech AD-LAB discovered a buffer overflow in the isdn net\nsubsystem. This issue is exploitable by local users via crafted input\nto the isdn_ioctl function. (CVE-2007-6063)\n\nIt was discovered that the isdn subsystem did not properly check for\nNULL termination when performing ioctl handling. A local user could\nexploit this to cause a denial of service. (CVE-2007-6151)\n\nBlake Frantz discovered that when a root process overwrote an existing\ncore file, the resulting core file retained the previous core file's\nownership. Local users could exploit this to gain access to sensitive\ninformation. (CVE-2007-6206)\n\nHugh Dickins discovered the when using the tmpfs filesystem, under\nrare circumstances, a kernel page may be improperly cleared. A local\nuser may be able to exploit this and read sensitive kernel data or\ncause a denial of service via crash. (CVE-2007-6417)\n\nBill Roman discovered that the VFS subsystem did not properly check\naccess modes. A local user may be able to gain removal privileges on\ndirectories. (CVE-2008-0001).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 28, "published": "2008-02-14T00:00:00", "title": "Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-578-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6417", "CVE-2008-0001", "CVE-2007-4133", "CVE-2007-6151", "CVE-2006-7229", "CVE-2007-5093", "CVE-2007-4997", "CVE-2007-6206", "CVE-2006-6058", "CVE-2007-6063", "CVE-2007-5500"], "modified": "2008-02-14T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-578-1.NASL", "href": "https://www.tenable.com/plugins/nessus/31093", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-578-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31093);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2006-6058\", \"CVE-2006-7229\", \"CVE-2007-4133\", \"CVE-2007-4997\", \"CVE-2007-5093\", \"CVE-2007-5500\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2007-6417\", \"CVE-2008-0001\");\n script_bugtraq_id(26337, 26477, 26605, 26701, 27280, 27497, 27694);\n script_xref(name:\"USN\", value:\"578-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-578-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The minix filesystem did not properly validate certain filesystem\nvalues. If a local attacker could trick the system into attempting to\nmount a corrupted minix filesystem, the kernel could be made to hang\nfor long periods of time, resulting in a denial of service.\n(CVE-2006-6058)\n\nAlexander Schulze discovered that the skge driver does not properly\nuse the spin_lock and spin_unlock functions. Remote attackers could\nexploit this by sending a flood of network traffic and cause a denial\nof service (crash). (CVE-2006-7229)\n\nHugh Dickins discovered that hugetlbfs performed certain prio_tree\ncalculations using HPAGE_SIZE instead of PAGE_SIZE. A local user could\nexploit this and cause a denial of service via kernel panic.\n(CVE-2007-4133)\n\nChris Evans discovered an issue with certain drivers that use the\nieee80211_rx function. Remote attackers could send a crafted 802.11\nframe and cause a denial of service via crash. (CVE-2007-4997)\n\nAlex Smith discovered an issue with the pwc driver for certain webcam\ndevices. A local user with physical access to the system could remove\nthe device while a userspace application had it open and cause the USB\nsubsystem to block. (CVE-2007-5093)\n\nScott James Remnant discovered a coding error in ptrace. Local users\ncould exploit this and cause the kernel to enter an infinite loop.\n(CVE-2007-5500)\n\nVenustech AD-LAB discovered a buffer overflow in the isdn net\nsubsystem. This issue is exploitable by local users via crafted input\nto the isdn_ioctl function. (CVE-2007-6063)\n\nIt was discovered that the isdn subsystem did not properly check for\nNULL termination when performing ioctl handling. A local user could\nexploit this to cause a denial of service. (CVE-2007-6151)\n\nBlake Frantz discovered that when a root process overwrote an existing\ncore file, the resulting core file retained the previous core file's\nownership. Local users could exploit this to gain access to sensitive\ninformation. (CVE-2007-6206)\n\nHugh Dickins discovered the when using the tmpfs filesystem, under\nrare circumstances, a kernel page may be improperly cleared. A local\nuser may be able to exploit this and read sensitive kernel data or\ncause a denial of service via crash. (CVE-2007-6417)\n\nBill Roman discovered that the VFS subsystem did not properly check\naccess modes. A local user may be able to gain removal privileges on\ndirectories. (CVE-2008-0001).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/578-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 119, 189, 200, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2006/11/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2021 Canonical, Inc. / NASL script (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2006-6058\", \"CVE-2006-7229\", \"CVE-2007-4133\", \"CVE-2007-4997\", \"CVE-2007-5093\", \"CVE-2007-5500\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2007-6417\", \"CVE-2008-0001\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-578-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51-386\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51-686\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51-amd64-generic\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51-amd64-k8\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51-amd64-server\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51-amd64-xeon\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-51-server\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-51-386\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-51-686\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-51-amd64-generic\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-51-amd64-k8\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-51-amd64-server\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-51-amd64-xeon\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-51-server\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-51.66\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-51.66\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-headers-2.6 / linux-headers-2.6-386 / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T11:51:46", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nA stack-based buffer overflow in the random number generator could\nallow local root users to cause a denial of service or gain privileges\nby setting the default wakeup threshold to a value greater than the\noutput pool size (CVE-2007-3105).\n\nThe lcd_write function did not limit the amount of memory used by a\ncaller, which allows local users to cause a denial of service (memory\nconsumption) (CVE-2007-3513).\n\nThe decode_choice function allowed remote attackers to cause a denial\nof service (crash) via an encoded out-of-range index value for a\nchoice field which triggered a NULL pointer dereference\n(CVE-2007-3642).\n\nThe Linux kernel allowed local users to send arbitrary signals to a\nchild process that is running at higher privileges by causing a\nsetuid-root parent process to die which delivered an\nattacker-controlled parent process death signal (PR_SET_PDEATHSIG)\n(CVE-2007-3848).\n\nThe aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer\nioctl patch in aacraid did not check permissions for ioctls, which\nmight allow local users to cause a denial of service or gain\nprivileges (CVE-2007-4308).\n\nThe IA32 system call emulation functionality, when running on the\nx86_64 architecture, did not zero extend the eax register after the\n32bit entry path to ptrace is used, which could allow local users to\ngain privileges by triggering an out-of-bounds access to the system\ncall table using the %RAX register (CVE-2007-4573).\n\nIn addition to these security fixes, other fixes have been included\nsuch as :\n\n - More NVidia PCI ids wre added\n\n - The 3w-9xxx module was updated to version 2.26.02.010\n\n - Fixed the map entry for ICH8\n\n - Added the TG3 5786 PCI id\n\n - Reduced the log verbosity of cx88-mpeg\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "edition": 26, "published": "2007-10-25T00:00:00", "title": "Mandrake Linux Security Advisory : kernel (MDKSA-2007:195)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4573", "CVE-2007-3848", "CVE-2007-3105", "CVE-2007-3513", "CVE-2007-4308", "CVE-2007-3642"], "modified": "2007-10-25T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:kernel-2.6.17.16mdv", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:kernel-xenU-latest", "p-cpe:/a:mandriva:linux:kernel-latest", "p-cpe:/a:mandriva:linux:kernel-xen0-2.6.17.16mdv", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:kernel-legacy-latest", "p-cpe:/a:mandriva:linux:kernel-legacy-2.6.17.16mdv", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kernel-xen0-latest", "p-cpe:/a:mandriva:linux:kernel-source-stripped-2.6.17.16mdv", "p-cpe:/a:mandriva:linux:kernel-xenU-2.6.17.16mdv", "p-cpe:/a:mandriva:linux:kernel-source-2.6.17.16mdv", "p-cpe:/a:mandriva:linux:kernel-doc-latest", "p-cpe:/a:mandriva:linux:kernel-source-stripped-latest", "p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.17.16mdv", "p-cpe:/a:mandriva:linux:kernel-doc-2.6.17.16mdv", "p-cpe:/a:mandriva:linux:kernel-enterprise-latest"], "id": "MANDRAKE_MDKSA-2007-195.NASL", "href": "https://www.tenable.com/plugins/nessus/27561", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:195. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27561);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3105\", \"CVE-2007-3513\", \"CVE-2007-3642\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-4573\");\n script_bugtraq_id(24734, 25216, 25348, 25387, 25774);\n script_xref(name:\"MDKSA\", value:\"2007:195\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kernel (MDKSA-2007:195)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nA stack-based buffer overflow in the random number generator could\nallow local root users to cause a denial of service or gain privileges\nby setting the default wakeup threshold to a value greater than the\noutput pool size (CVE-2007-3105).\n\nThe lcd_write function did not limit the amount of memory used by a\ncaller, which allows local users to cause a denial of service (memory\nconsumption) (CVE-2007-3513).\n\nThe decode_choice function allowed remote attackers to cause a denial\nof service (crash) via an encoded out-of-range index value for a\nchoice field which triggered a NULL pointer dereference\n(CVE-2007-3642).\n\nThe Linux kernel allowed local users to send arbitrary signals to a\nchild process that is running at higher privileges by causing a\nsetuid-root parent process to die which delivered an\nattacker-controlled parent process death signal (PR_SET_PDEATHSIG)\n(CVE-2007-3848).\n\nThe aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer\nioctl patch in aacraid did not check permissions for ioctls, which\nmight allow local users to cause a denial of service or gain\nprivileges (CVE-2007-4308).\n\nThe IA32 system call emulation functionality, when running on the\nx86_64 architecture, did not zero extend the eax register after the\n32bit entry path to ptrace is used, which could allow local users to\ngain privileges by triggering an out-of-bounds access to the system\ncall table using the %RAX register (CVE-2007-4573).\n\nIn addition to these security fixes, other fixes have been included\nsuch as :\n\n - More NVidia PCI ids wre added\n\n - The 3w-9xxx module was updated to version 2.26.02.010\n\n - Fixed the map entry for ICH8\n\n - Added the TG3 5786 PCI id\n\n - Reduced the log verbosity of cx88-mpeg\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-legacy-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-legacy-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-stripped-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-stripped-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-xen0-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-xen0-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-xenU-2.6.17.16mdv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-xenU-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kernel-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kernel-doc-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"kernel-enterprise-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"kernel-legacy-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kernel-source-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kernel-source-stripped-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kernel-xen0-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kernel-xenU-2.6.17.16mdv-1-1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-doc-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-doc-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"kernel-enterprise-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"kernel-enterprise-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"kernel-legacy-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"kernel-legacy-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-source-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-source-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-source-stripped-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-source-stripped-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-xen0-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-xen0-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-xenU-2.6.17.16mdv-1-1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"kernel-xenU-latest-2.6.17-16mdv\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:25:12", "description": "Updated kernel packages that fix various security issues in the Red\nHat Enterprise Linux 4 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Linux kernel is the core of the operating system.\n\nThese updated kernel packages contain fixes for the following security\nissues :\n\n* A flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\n* A flaw was found in the CIFS file system. This could cause the umask\nvalues of a process to not be honored on CIFS file systems where UNIX\nextensions are supported. (CVE-2007-3740, Important)\n\n* A flaw was found in the VFAT compat ioctl handling on 64-bit\nsystems. This allowed a local user to corrupt a kernel_dirent struct\nand cause a denial of service. (CVE-2007-2878, Important)\n\n* A flaw was found in the Advanced Linux Sound Architecture (ALSA). A\nlocal user who had the ability to read the /proc/driver/snd-page-alloc\nfile could see portions of kernel memory. (CVE-2007-4571, Moderate)\n\n* A flaw was found in the aacraid SCSI driver. This allowed a local\nuser to make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\n* A flaw was found in the stack expansion when using the hugetlb\nkernel on PowerPC systems. This allowed a local user to cause a denial\nof service. (CVE-2007-3739, Moderate)\n\n* A flaw was found in the handling of zombie processes. A local user\ncould create processes that would not be properly reaped which could\nlead to a denial of service. (CVE-2006-6921, Moderate)\n\n* A flaw was found in the CIFS file system handling. The mount option\n'sec=' did not enable integrity checking or produce an error message\nif used. (CVE-2007-3843, Low)\n\n* A flaw was found in the random number generator implementation that\nallowed a local user to cause a denial of service or possibly gain\nprivileges. This flaw could be exploited if the root user raised the\ndefault wakeup threshold over the size of the output pool.\n(CVE-2007-3105, Low)\n\nAdditionally, the following bugs were fixed :\n\n* A flaw was found in the kernel netpoll code, creating a potential\ndeadlock condition. If the xmit_lock for a given network interface is\nheld, and a subsequent netpoll event is generated from within the lock\nowning context (a console message for example), deadlock on that cpu\nwill result, because the netpoll code will attempt to re-acquire the\nxmit_lock. The fix is to, in the netpoll code, only attempt to take\nthe lock, and fail if it is already acquired (rather than block on\nit), and queue the message to be sent for later delivery. Any user of\nnetpoll code in the kernel (netdump or netconsole services), is\nexposed to this problem, and should resolve the issue by upgrading to\nthis kernel release immediately.\n\n* A flaw was found where, under 64-bit mode (x86_64), AMD processors\nwere not able to address greater than a 40-bit physical address space;\nand Intel processors were only able to address up to a 36-bit physical\naddress space. The fix is to increase the physical addressing for an\nAMD processor to 48 bits, and an Intel processor to 38 bits. Please\nsee the Red Hat Knowledgebase for more detailed information.\n\n* A flaw was found in the xenU kernel that may prevent a\nparavirtualized guest with more than one CPU from starting when\nrunning under an Enterprise Linux 5.1 hypervisor. The fix is to allow\nyour Enterprise Linux 4 Xen SMP guests to boot under a 5.1 hypervisor.\nPlease see the Red Hat Knowledgebase for more detailed information.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.", "edition": 28, "published": "2009-04-23T00:00:00", "title": "CentOS 4 : kernel (CESA-2007:0939)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3848", "CVE-2007-3739", "CVE-2007-3105", "CVE-2007-4308", "CVE-2007-3843", "CVE-2007-3740", "CVE-2007-4571", "CVE-2006-6921", "CVE-2007-2878"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel-xenU-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-doc", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-xenU", "p-cpe:/a:centos:centos:kernel-hugemem-devel"], "id": "CENTOS_RHSA-2007-0939.NASL", "href": "https://www.tenable.com/plugins/nessus/37953", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0939 and \n# CentOS Errata and Security Advisory 2007:0939 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37953);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2006-6921\", \"CVE-2007-2878\", \"CVE-2007-3105\", \"CVE-2007-3739\", \"CVE-2007-3740\", \"CVE-2007-3843\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-4571\");\n script_bugtraq_id(25216, 25244, 25348, 25387, 25672, 25807);\n script_xref(name:\"RHSA\", value:\"2007:0939\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2007:0939)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix various security issues in the Red\nHat Enterprise Linux 4 kernel are now available.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Linux kernel is the core of the operating system.\n\nThese updated kernel packages contain fixes for the following security\nissues :\n\n* A flaw was found in the handling of process death signals. This\nallowed a local user to send arbitrary signals to the suid-process\nexecuted by that user. A successful exploitation of this flaw depends\non the structure of the suid-program and its signal handling.\n(CVE-2007-3848, Important)\n\n* A flaw was found in the CIFS file system. This could cause the umask\nvalues of a process to not be honored on CIFS file systems where UNIX\nextensions are supported. (CVE-2007-3740, Important)\n\n* A flaw was found in the VFAT compat ioctl handling on 64-bit\nsystems. This allowed a local user to corrupt a kernel_dirent struct\nand cause a denial of service. (CVE-2007-2878, Important)\n\n* A flaw was found in the Advanced Linux Sound Architecture (ALSA). A\nlocal user who had the ability to read the /proc/driver/snd-page-alloc\nfile could see portions of kernel memory. (CVE-2007-4571, Moderate)\n\n* A flaw was found in the aacraid SCSI driver. This allowed a local\nuser to make ioctl calls to the driver that should be restricted to\nprivileged users. (CVE-2007-4308, Moderate)\n\n* A flaw was found in the stack expansion when using the hugetlb\nkernel on PowerPC systems. This allowed a local user to cause a denial\nof service. (CVE-2007-3739, Moderate)\n\n* A flaw was found in the handling of zombie processes. A local user\ncould create processes that would not be properly reaped which could\nlead to a denial of service. (CVE-2006-6921, Moderate)\n\n* A flaw was found in the CIFS file system handling. The mount option\n'sec=' did not enable integrity checking or produce an error message\nif used. (CVE-2007-3843, Low)\n\n* A flaw was found in the random number generator implementation that\nallowed a local user to cause a denial of service or possibly gain\nprivileges. This flaw could be exploited if the root user raised the\ndefault wakeup threshold over the size of the output pool.\n(CVE-2007-3105, Low)\n\nAdditionally, the following bugs were fixed :\n\n* A flaw was found in the kernel netpoll code, creating a potential\ndeadlock condition. If the xmit_lock for a given network interface is\nheld, and a subsequent netpoll event is generated from within the lock\nowning context (a console message for example), deadlock on that cpu\nwill result, because the netpoll code will attempt to re-acquire the\nxmit_lock. The fix is to, in the netpoll code, only attempt to take\nthe lock, and fail if it is already acquired (rather than block on\nit), and queue the message to be sent for later delivery. Any user of\nnetpoll code in the kernel (netdump or netconsole services), is\nexposed to this problem, and should resolve the issue by upgrading to\nthis kernel release immediately.\n\n* A flaw was found where, under 64-bit mode (x86_64), AMD processors\nwere not able to address greater than a 40-bit physical address space;\nand Intel processors were only able to address up to a 36-bit physical\naddress space. The fix is to increase the physical addressing for an\nAMD processor to 48 bits, and an Intel processor to 38 bits. Please\nsee the Red Hat Knowledgebase for more detailed information.\n\n* A flaw was found in the xenU kernel that may prevent a\nparavirtualized guest with more than one CPU from starting when\nrunning under an Enterprise Linux 5.1 hypervisor. The fix is to allow\nyour Enterprise Linux 4 Xen SMP guests to boot under a 5.1 hypervisor.\nPlease see the Red Hat Knowledgebase for more detailed information.\n\nRed Hat Enterprise Linux 4 users are advised to upgrade to these\nupdated packages, which contain backported patches to correct these\nissues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014358.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1bcf8911\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014359.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cf164aa6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014360.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17f70c8b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/01/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", reference:\"kernel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", reference:\"kernel-devel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-55.0.12.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-55.0.12.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:13:03", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4573", "CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-1353", "CVE-2006-7203", "CVE-2007-4133", "CVE-2007-3105", "CVE-2007-6151", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2007-3740", "CVE-2006-5823", "CVE-2007-6694", "CVE-2006-6058", "CVE-2007-2525", "CVE-2007-6063"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1504 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nFebruary 22, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : kernel-source-2.6.8 (2.6.8-17sarge1)\nVulnerability : several\nProblem-Type : local\nDebian-specific: no\nCVE ID : CVE-2006-5823 CVE-2006-6054 CVE-2006-6058 CVE-2006-7203\n CVE-2007-1353 CVE-2007-2172 CVE-2007-2525 CVE-2007-3105\n CVE-2007-3739 CVE-2007-3740 CVE-2007-3848 CVE-2007-4133\n CVE-2007-4308 CVE-2007-4573 CVE-2007-5093 CVE-2007-6063\n CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007\n\nSeveral local and remote vulnerabilities have been discovered in the Linux\nkernel that may lead to a denial of service or the execution of arbitrary\ncode. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2006-5823\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted cramfs filesystem.\n\nCVE-2006-6054\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted ext2 filesystem.\n\nCVE-2006-6058\n\n LMH reported an issue in the minix filesystem that allows local users\n with mount privileges to create a DoS (printk flood) by mounting a\n specially crafted corrupt filesystem.\n\nCVE-2006-7203\n\n OpenVZ Linux kernel team reported an issue in the smbfs filesystem which\n can be exploited by local users to cause a DoS (oops) during mount.\n\nCVE-2007-1353\n\n Ilja van Sprundel discovered that kernel memory could be leaked via the\n Bluetooth setsockopt call due to an uninitialized stack buffer. This\n could be used by local attackers to read the contents of sensitive kernel\n memory.\n\nCVE-2007-2172\n\n Thomas Graf reported a typo in the DECnet protocol handler that could\n be used by a local attacker to overrun an array via crafted packets,\n potentially resulting in a Denial of Service (system crash).\n A similar issue exists in the IPV4 protocol handler and will be fixed\n in a subsequent update.\n\nCVE-2007-2525\n\n Florian Zumbiehl discovered a memory leak in the PPPOE subsystem caused\n by releasing a socket before PPPIOCGCHAN is called upon it. This could\n be used by a local user to DoS a system by consuming all available memory.\n\nCVE-2007-3105\n\n The PaX Team discovered a potential buffer overflow in the random number\n generator which may permit local users to cause a denial of service or\n gain additional privileges. This issue is not believed to effect default\n Debian installations where only root has sufficient privileges to exploit\n it.\n\nCVE-2007-3739\n\n Adam Litke reported a potential local denial of service (oops) on\n powerpc platforms resulting from unchecked VMA expansion into address\n space reserved for hugetlb pages.\n\nCVE-2007-3740\n\n Steve French reported that CIFS filesystems with CAP_UNIX enabled \n were not honoring a process' umask which may lead to unintentinally\n relaxed permissions.\n \nCVE-2007-3848\n\n Wojciech Purczynski discovered that pdeath_signal was not being reset\n properly under certain conditions which may allow local users to gain\n privileges by sending arbitrary signals to suid binaries.\n\nCVE-2007-4133\n\n Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.\n A misconversion of hugetlb_vmtruncate_list to prio_tree may allow\n local users to trigger a BUG_ON() call in exit_mmap.\n\nCVE-2007-4308\n\n Alan Cox reported an issue in the aacraid driver that allows unprivileged\n local users to make ioctl calls which should be restricted to admin\n privileges.\n\nCVE-2007-4573\n\n Wojciech Purczynski discovered a vulnerability that can be exploited\n by a local user to obtain superuser privileges on x86_64 systems.\n This resulted from improper clearing of the high bits of registers\n during ia32 system call emulation. This vulnerability is relevant\n to the Debian amd64 port as well as users of the i386 port who run\n the amd64 linux-image flavour.\n\nCVE-2007-5093\n\n Alex Smith discovered an issue with the pwc driver for certain webcam\n devices. If the device is removed while a userspace application has it\n open, the driver will wait for userspace to close the device, resulting\n in a blocked USB subsystem. This issue is of low security impact as\n it requires the attacker to either have physical access to the system\n or to convince a user with local access to remove the device on their\n behalf.\n \nCVE-2007-6063\n\n Venustech AD-LAB discovered a a buffer overflow in the isdn ioctl\n handling, exploitable by a local user.\n\nCVE-2007-6151\n\n ADLAB discovered a possible memory overrun in the ISDN subsystem that\n may permit a local user to overwrite kernel memory leading by issuing\n ioctls with unterminated data.\n\nCVE-2007-6206\n\n Blake Frantz discovered that when a core file owned by a non-root user\n exists, and a root-owned process dumps core over it, the core file\n retains its original ownership. This could be used by a local user to\n gain access to sensitive information.\n\nCVE-2007-6694\n\n Cyrill Gorcunov reported a NULL pointer dereference in code specific\n to the CHRP PowerPC platforms. Local users could exploit this issue\n to achieve a Denial of Service (DoS).\n\nCVE-2008-0007\n\n Nick Piggin of SuSE discovered a number of issues in subsystems which\n register a fault handler for memory mapped areas. This issue can be\n exploited by local users to achieve a Denial of Service (DoS) and possibly\n execute arbitrary code.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 3.1 (sarge)\n kernel-image-2.6.8-alpha 2.6.8-17sarge1\n kernel-image-2.6.8-amd64 2.6.8-17sarge1\n kernel-image-2.6.8-hppa 2.6.8-7sarge1\n kernel-image-2.6.8-i386 2.6.8-17sarge1\n kernel-image-2.6.8-ia64 2.6.8-15sarge1\n kernel-image-2.6.8-m68k 2.6.8-5sarge1\n kernel-image-2.6.8-s390 2.6.8-6sarge1\n kernel-image-2.6.8-sparc 2.6.8-16sarge1\n kernel-patch-powerpc-2.6.8 2.6.8-13sarge1\n fai-kernels 1.9.1sarge8\n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. If you have built a custom kernel from the kernel source\npackage, you will need to rebuild to take advantage of these fixes.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nDebian 3.1 (oldstable)\n- ----------------------\n\nOldstable updates are available for alpha, amd64, hppa, i386, ia64, m68k, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.dsc\n Size/MD5 checksum: 846 4503eeaf9e1a21a9f220e2d9c31e0123\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.dsc\n Size/MD5 checksum: 1191 bfba4b91bbd166d14d0bace5ac137715\n http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.diff.gz\n Size/MD5 checksum: 1124155 d0e37e157fd2c4a9889222377ae6a956\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-s390_2.6.8-6sarge1.tar.gz\n Size/MD5 checksum: 18572 fffdd006af1f26150eb6131f10c14c8f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.tar.gz\n Size/MD5 checksum: 73206 97e4fadb9612c1a9ce969a0cbdc663f4\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.dsc\n Size/MD5 checksum: 621 fd5cf0a4b08aadf72cedb8029390fdeb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.dsc\n Size/MD5 checksum: 1103 27f8b65b1acae74eac82f6484edbc5e5\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.tar.gz\n Size/MD5 checksum: 44625 4e68e046835cd0dce3ba2dc096f21924\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.tar.gz\n Size/MD5 checksum: 32565 406db278e655291be89254da5a4e15f8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-hppa_2.6.8-7sarge1.dsc\n Size/MD5 checksum: 1013 defcdc70dd9d969ddfaed2819b341758\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-15sarge1.tar.gz\n Size/MD5 checksum: 69734 a5e62e3da21f1e89e1c7f76508de9673\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-17sarge1.tar.gz\n Size/MD5 checksum: 82008 c90b3a12c9bf77807d0d5c3ab6cf1567\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.tar.gz\n Size/MD5 checksum: 22997 75027ce480514543ad6d565d43890a3e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.tar.gz\n Size/MD5 checksum: 32414 676fdb7a2c0cb66cd6c13a75b836f755\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-16sarge1.dsc\n Size/MD5 checksum: 1036 088234b948dd74a6c869f743a5346a54\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-17sarge1.dsc\n Size/MD5 checksum: 812 e12f4f68ee249f53bab5b4752d6b2795\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.tar.gz\n Size/MD5 checksum: 96384 bd4d726f97468d6cca1139cf80b1342a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-17sarge1.dsc\n Size/MD5 checksum: 1047 80bb021a47b74d6b1e486c2bba6c55b8\n http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1.dsc\n Size/MD5 checksum: 1002 0a956bc9d48251885d52d4b4d4b07310\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-13sarge1.dsc\n Size/MD5 checksum: 1071 39e866b6617c57f4acf7e06d3b7ae82e\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8.tar.gz\n Size/MD5 checksum: 32434 ee1ef40c64f09bcdc25d9c9b7ea325e0\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-m68k_2.6.8-5sarge1.dsc\n Size/MD5 checksum: 874 9db0c07fe9a8cc114a82f3d4f8a209a9\n http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz\n Size/MD5 checksum: 43929719 0393c05ffa4770c3c5178b74dc7a4282\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-17sarge1_all.deb\n Size/MD5 checksum: 34955480 ece884d31c0a9bd290d467f00973252e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-patch-2.6.8-s390_2.6.8-6sarge1_all.deb\n Size/MD5 checksum: 16650 2304fae6c3d145826acea1403133ef98\n http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-17sarge1_all.deb\n Size/MD5 checksum: 39758 12ee237ef5816a9c1f87697a0397802a\n http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-doc-2.6.8_2.6.8-17sarge1_all.deb\n Size/MD5 checksum: 6190062 e7e672dd30a416f98fb8dd3ead7e938b\n http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-17sarge1_all.deb\n Size/MD5 checksum: 1194926 dfc3e12e6e7739c91c17e150a7242fa2\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb\n Size/MD5 checksum: 238146 8dd62b8c39cceeedd5efaa4b2eee4582\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb\n Size/MD5 checksum: 232626 0f789080227336bd274f4ddacc4a749b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-headers-2.6.8-4_2.6.8-17sarge1_alpha.deb\n Size/MD5 checksum: 2765374 6f857f2bc6f2f0d5a94a98ae814c4e87\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-smp_2.6.8-17sarge1_alpha.deb\n Size/MD5 checksum: 20094120 e0a3941fdaa513458f54b78e5b3ebd41\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-4-generic_2.6.8-17sarge1_alpha.deb\n Size/MD5 checksum: 20242970 0944d9b857e2383f2748fab122de3a5d\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 225228 fc7e590bc877da3505ee3442409bf8ee\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 228186 4663c6daf166b5559e408795f44d84f5\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 12579110 41c47936fe7cd1bb8e28177cf282e957\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 231428 dfdf341727fcca4af9ff41f7f0046e1b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 13238846 51bca8a45157f119dc001e786e325cca\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 13063162 14486d83aee59b7616ff63de003340ac\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 13275762 767dcb70ca259ff0dc07f6cb8351a83d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 2728264 db7534ded22b911afffa5413d540dbbd\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 226722 33c904e9fd0a2f754f0d5aed640a3bd3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 230322 917d95bec917d2a7588867f81d88a2e9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_amd64.deb\n Size/MD5 checksum: 13082028 78be67d79a13baba4a6c798624f7f818\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 2820206 0a14c1185bcde28d0a97eaeef9e11e3f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 17550802 fabf823c16fcb3e0bbf69d0081faafd8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 219244 ff1d717d7b3d1db40c96d15b96b8a447\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-64-smp_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 18374164 e088d77a7e64efa4d825416f94fd5db6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 220054 5e8db88176af86cf5d5968dac2816ac6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32-smp_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 17020158 1e3f2fc9f9764e1823054df8abde860c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-32_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 220598 e3419d467dc69e90e2db720c519268d3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-image-2.6.8-4-32_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 16110870 cb91278b4861aa27da3555e3ae05a842\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-hppa/kernel-headers-2.6.8-4-64_2.6.8-7sarge1_hppa.deb\n Size/MD5 checksum: 219758 ff98c244a5777bf1cb9d3aa42e92035b\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 258700 b406cff5cdfce0b1ebb0999b940bcf77\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-386_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 14079400 b3034d3d756026061d6d1ae64f7670ac\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 226622 89ab2fe13383be55139f779983e76f56\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 228124 0232808c2f4af4679ff387fd5aef30c2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 13238830 83c9fa536a5039d9b7faaedd55c0d2df\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 13208166 7d76aba45eeea785e68e144c93f8fa55\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 231474 a9af96e38de18058a0bbb855ed0193f3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 15558172 1ef83fe26c46d25f209cb0a76140c0e3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-em64t-p4_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 13236626 fad30247937094d606a01d53a2eff086\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 2728376 e2538d185c863ac7adf9dd41ac73f83d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 15397692 580feea340f69d04fafcd052268bb314\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 15173410 f477356acda36ec633c3bee285794377\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 2784978 76f4162d37d785b5e0648435936774f6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-386_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 263456 3ddcc23d88f64f8a185c3a3dc4ae3402\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-em64t-p4-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 225052 c266db2ed1f497b91c8202c2e9511bd3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-4-k7_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 15282426 bce3bfbc0e6aede5dc503b37935b050a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-headers-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 230266 2172a8e3ff5107cb582b5a31111b904b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686-smp_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 258222 e02e548b571117fa3a0b68add40c3893\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-686_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 260930 a4765a3da36be625c104281daecc29d2\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge8_i386.deb\n Size/MD5 checksum: 12010766 5c06b0a78b203b2032aa327839fa9795\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-headers-2.6.8-4-k7_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 260956 5bf06a1619132b0624299735caf26879\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-generic_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 12579278 f6c685f628478fcc8f37257a6e71aedd\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-13-amd64-k8_2.6.8-17sarge1_i386.deb\n Size/MD5 checksum: 13276128 541fc888c5aa5dee5e186185d1f2256f\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 21496770 8336b695564c2eb6d8dc98a13c3b4e1a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 205878 2f8285b89e03dee6c71f9d8079d13499\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12228 b69b46b5a764b898baaf3ba3ad056d5f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-mckinley_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12162 3d5dfd32448f8cb967dd1ce9549789af\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 3104422 af94110dd2e8401a975315dd93aaa28b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12172 618961c987120133ee1c999e4cf5f62f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-mckinley-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12236 7ca412f9885d85f92340423de43e284f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12140 031a5db578a7291bf25c13b7be4b4ec6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-itanium_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 206340 85610c56d71469abb003503c9395f639\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 206076 62768e32c962c2f1f2f19c0062800557\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12202 a4a24b0e48c4f6c2c3d8ab17fc6fe4ae\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 21417820 daa90c69a36eb5baf3231fed495766e1\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-headers-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 205672 e5befe9b90d7f8d43ed7e1dfff89851c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-itanium-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 22158208 8a186facbb3023845284531d27c01486\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12136 fe3ae95000fba99026557e9f3110eef9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-4-mckinley-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 22174026 de343e5cddd6936ec435cdc87d5ab689\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6-itanium-smp_2.6.8-15sarge1_ia64.deb\n Size/MD5 checksum: 12200 75abbf3dc640b0765b0f510c0c783ecb\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-sun3_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 2997446 90b62190daab090dd211b2e2fa76e634\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme16x_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 3053150 9876f36e6cbad66ac690362955b3ee6c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-q40_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 3111618 38fdf55f9f32aa26df0b3001fd6b77a2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-amiga_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 3311580 052d54a9c2e6eab73cf870634aaf78e3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-hp_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 2992404 cd498a3a110af341e7052fb06ec8b0bc\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mac_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 3178962 1160ae756c286e7e2845cbeb1326c3bb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-mvme147_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 2982482 677c66d0af2580084d6d061bfd63ffd4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-bvme6000_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 3018000 89321aa5c34c8c9c95a61a86d0337699\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-m68k/kernel-image-2.6.8-atari_2.6.8-5sarge1_m68k.deb\n Size/MD5 checksum: 3105192 0a020af9116bd8ac96d2c3eb054b6840\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-headers-2.6.8-4_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 5153168 2f57ad5241d60f31e262541b1b9bf08a\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 13953866 46a1861b3cd33737bdd60a0f72f397c4\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 13599558 0ddb46fa72e94a9018eccfd3d2f0b40c\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 13873214 f012b664fbc58bfcdfbba594d38bc855\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 13943782 153a4ba86086ae315977b069a3c8fa3c\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 412788 719ae014adea5b6a7c3c36b2b0e268ed\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 412382 228e63e6d49179b0dc802b903b1b52e4\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4-smp_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 411974 bcf255c3858b2d9a01bbbb2b7c25aff2\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-powerpc_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 13616728 e6762f501e5422e23f023b79037a8ca5\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 412034 0334c1128e3e843ebc68963633480ba4\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-powerpc-smp_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 412136 a761c81f7e2c38637fecefeb197f8a5b\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-build-2.6.8-4-power3-smp_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 412708 584de35626e4445772f28341560aae76\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-image-2.6.8-4-power4_2.6.8-13sarge1_powerpc.deb\n Size/MD5 checksum: 13583634 0f334a6487d58f02b75f9102641d4541\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390x_2.6.8-6sarge1_s390.deb\n Size/MD5 checksum: 3199350 2dec14becfc609e1414a00a726a78153\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390_2.6.8-6sarge1_s390.deb\n Size/MD5 checksum: 2992448 d90f45f8f995286690ed2c460f5f418b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-headers-2.6.8-4_2.6.8-6sarge1_s390.deb\n Size/MD5 checksum: 5092100 c603b5b67a2e4be7b92fc909a64493cd\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-s390/kernel-image-2.6.8-4-s390-tape_2.6.8-6sarge1_s390.deb\n Size/MD5 checksum: 1150168 8cf8f4a0193c71df9a27b3362b868cc5\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 7645904 2c30dc864de96d05d0a3426b36c26d3a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 2896286 54cdf0c85119d5a049164705e54a24d9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 4563634 2df1caceab9295aca03f8efb9abfa33a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 7449244 1833928627fd502581b283c8d508b423\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc32_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 116254 ccfa57772f57fc041c7e2f52fc09216c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64-smp_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 151548 0170da5a8e3a7179073a6ee42fe41b27\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-build-2.6.8-4_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 10856 5866644f6a69cd14120b2f27b936097e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-headers-2.6.8-4-sparc64_2.6.8-16sarge1_sparc.deb\n Size/MD5 checksum: 150948 ed82830f3020847472660683d0a8b5cd\n\n These files will probably be moved into the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 9, "modified": "2008-02-22T21:28:02", "published": "2008-02-22T21:28:02", "id": "DEBIAN:DSA-1504-1:18A93", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00068.html", "title": "[SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-11T13:16:07", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-4311", "CVE-2007-1353", "CVE-2006-4814", "CVE-2007-6151", "CVE-2004-2731", "CVE-2006-6106", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-1592", "CVE-2006-6053", "CVE-2007-6206", "CVE-2006-5753", "CVE-2006-5823", "CVE-2007-6694", "CVE-2007-2525", "CVE-2007-6063"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1503-2 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nMarch 6, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.27 (2.4.27-10sarge7)\nVulnerability : several\nProblem-Type : local/remote\nDebian-specific: no\nCVE ID : CVE-2004-2731 CVE-2006-4814 CVE-2006-5753 CVE-2006-5823\n CVE-2006-6053 CVE-2006-6054 CVE-2006-6106 CVE-2007-1353\n CVE-2007-1592 CVE-2007-2172 CVE-2007-2525 CVE-2007-3848\n CVE-2007-4308 CVE-2007-4311 CVE-2007-5093 CVE-2007-6063\n CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007\n \nSeveral local and remote vulnerabilities have been discovered in the Linux\nkernel that may lead to a denial of service or the execution of arbitrary\ncode. \n\nThe package versions referenced in the initial DSA-1503 advisory\nintroduced a regression that can cause hangs on systems that make use of\nthe ext2 filesystem. The regression has been resolved in the package\nversions referenced by this updated advisory.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2004-2731\n\n infamous41md reported multiple integer overflows in the Sbus PROM\n driver that would allow for a DoS (Denial of Service) attack by a\n local user, and possibly the execution of arbitrary code.\n\nCVE-2006-4814\n\n Doug Chapman discovered a potential local DoS (deadlock) in the mincore\n function caused by improper lock handling.\n\nCVE-2006-5753\n\n Eric Sandeen provided a fix for a local memory corruption vulnerability\n resulting from a misinterpretation of return values when operating on\n inodes which have been marked bad.\n\nCVE-2006-5823\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted cramfs filesystem.\n\nCVE-2006-6053\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted ext3 filesystem.\n\nCVE-2006-6054\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted ext2 filesystem.\n\nCVE-2006-6106\n\n Marcel Holtman discovered multiple buffer overflows in the Bluetooth\n subsystem which can be used to trigger a remote DoS (crash) and potentially\n execute arbitray code.\n\nCVE-2007-1353\n\n Ilja van Sprundel discovered that kernel memory could be leaked via the\n Bluetooth setsockopt call due to an uninitialized stack buffer. This\n could be used by local attackers to read the contents of sensitive kernel\n memory.\n\nCVE-2007-1592\n\n Masayuki Nakagawa discovered that flow labels were inadvertently\n being shared between listening sockets and child sockets. This defect\n can be exploited by local users to cause a DoS (Oops).\n\nCVE-2007-2172\n\n Thomas Graf reported a typo in the DECnet protocol handler that could\n be used by a local attacker to overrun an array via crafted packets,\n potentially resulting in a Denial of Service (system crash).\n A similar issue exists in the IPV4 protocol handler and will be fixed\n in a subsequent update.\n\nCVE-2007-2525\n\n Florian Zumbiehl discovered a memory leak in the PPPOE subsystem caused\n by releasing a socket before PPPIOCGCHAN is called upon it. This could\n be used by a local user to DoS a system by consuming all available memory.\n\nCVE-2007-3848\n\n Wojciech Purczynski discovered that pdeath_signal was not being reset\n properly under certain conditions which may allow local users to gain\n privileges by sending arbitrary signals to suid binaries.\n\nCVE-2007-4308\n\n Alan Cox reported an issue in the aacraid driver that allows unprivileged\n local users to make ioctl calls which should be restricted to admin\n privileges.\n\nCVE-2007-4311\n\n PaX team discovered an issue in the random driver where a defect in the\n reseeding code leads to a reduction in entropy.\n\nCVE-2007-5093\n\n Alex Smith discovered an issue with the pwc driver for certain webcam\n devices. If the device is removed while a userspace application has it\n open, the driver will wait for userspace to close the device, resulting\n in a blocked USB subsystem. This issue is of low security impact as\n it requires the attacker to either have physical access to the system\n or to convince a user with local access to remove the device on their\n behalf.\n \nCVE-2007-6063\n\n Venustech AD-LAB discovered a a buffer overflow in the isdn ioctl\n handling, exploitable by a local user.\n\nCVE-2007-6151\n\n ADLAB discovered a possible memory overrun in the ISDN subsystem that\n may permit a local user to overwrite kernel memory leading by issuing\n ioctls with unterminated data.\n\nCVE-2007-6206\n\n Blake Frantz discovered that when a core file owned by a non-root user\n exists, and a root-owned process dumps core over it, the core file\n retains its original ownership. This could be used by a local user to\n gain access to sensitive information.\n\nCVE-2007-6694\n\n Cyrill Gorcunov reported a NULL pointer dereference in code specific\n to the CHRP PowerPC platforms. Local users could exploit this issue\n to achieve a Denial of Service (DoS).\n\nCVE-2008-0007\n\n Nick Piggin of SuSE discovered a number of issues in subsystems which\n register a fault handler for memory mapped areas. This issue can be\n exploited by local users to achieve a Denial of Service (DoS) and possibly\n execute arbitrary code.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 3.1 (sarge)\n alsa-modules-i386 1.0.8+2sarge2\n fai-kernels 1.9.1sarge9\n kernel-image-2.4.27-arm 2.4.27-2sarge7\n kernel-image-2.4.27-m68k 2.4.27-3sarge7\n kernel-image-speakup-i386 2.4.27-1.1sarge6\n kernel-image-2.4.27-alpha 2.4.27-10sarge7\n kernel-image-2.4.27-s390 2.4.27-2sarge7\n kernel-image-2.4.27-sparc 2.4.27-9sarge7\n kernel-image-2.4.27-i386 2.4.27-10sarge7\n kernel-image-2.4.27-ia64 2.4.27-10sarge7\n kernel-patch-2.4.27-mips 2.4.27-10.sarge4.040815-4\n kernel-patch-powerpc-2.4.27 2.4.27-10sarge7\n kernel-latest-2.4-alpha 101sarge3\n kernel-latest-2.4-i386 101sarge2\n kernel-latest-2.4-s390 2.4.27-1sarge2\n kernel-latest-2.4-sparc 42sarge3\n i2c 1:2.9.1-1sarge2\n lm-sensors 1:2.9.1-1sarge4\n mindi-kernel 2.4.27-2sarge6\n pcmcia-modules-2.4.27-i386 3.2.5+2sarge2\n hostap-modules-i386 1:0.3.7-1sarge3\n systemimager 3.2.3-6sarge6\n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. If you have built a custom kernel from the kernel source\npackage, you will need to rebuild to take advantage of these fixes.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nNote that this update changes various package names due to ABI changes.\nYou must therefore have the corresponding upgrade-assist metapackage(s)\ninstalled for your upgrades to automatically take place. These packages\nhave names with the prefix 'kernel-image-2.4-'.\n\nFor a full list of the metapackages available for your architecture, run\nthe following command on the target Debian 3.1 system:\n apt-cache search kernel-image-2.4-\n\nAny 3rd party modules that have been built and installed for your system\nwill need to be rebuilt and installed for compatability with the new ABI.\n\nDebian 3.1 (oldstable)\n- ----------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge7.dsc\n Size/MD5 checksum: 900 22df0724bc6eb36386b98719c76aa597\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge7.dsc\n Size/MD5 checksum: 1074 289e404e8f8490a37d50228754d7d206\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge7.tar.gz\n Size/MD5 checksum: 101437 c4ec405c3305f12e6292edd842d50403\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge7.tar.gz\n Size/MD5 checksum: 1466580 cba0ff68b005bc217dd3d968259ced82\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge6.dsc\n Size/MD5 checksum: 1027 55ee1489f59168137ab94bbadce013ca\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge6.tar.gz\n Size/MD5 checksum: 15980963 82f1125ac95154bfbafc191d80d3f5f8\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge6.dsc\n Size/MD5 checksum: 750 1df9ed6410bf9cdef5060dc44ce035e7\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27.orig.tar.gz\n Size/MD5 checksum: 9501 a4ad085824ade5641f1c839d945dd301\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge6.diff.gz\n Size/MD5 checksum: 6594 6c33b0de262510b4b5bf55de0a9ea3af\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge7.dsc\n Size/MD5 checksum: 1143 584096fb9354fb43d59db0dad3a05c7e\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge7.diff.gz\n Size/MD5 checksum: 785548 c3bf76dd6851bc5b77cbb2a81f9d33ab\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge9.dsc\n Size/MD5 checksum: 621 340d6e556b3571582bc95d0ab219ff12\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge9.tar.gz\n Size/MD5 checksum: 32511 731cd73a9b268291afaedc8386faf528\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge7.dsc\n Size/MD5 checksum: 1582 a6a794457f4557f2df67eb2c8191090e\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge6.tar.gz\n Size/MD5 checksum: 20423 5d60a6d2c2159b887ade18757dc7d426\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge7.tar.gz\n Size/MD5 checksum: 57199 eea61edd2b524231a2a51f820b498eb8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge7.tar.gz\n Size/MD5 checksum: 33906 d575951af3aaee6ab9a715c02ebfc611\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge6.dsc\n Size/MD5 checksum: 732 ee1a35287ea10ea73f84239fc9eefa7d\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27.orig.tar.gz\n Size/MD5 checksum: 38470181 56df34508cdc47a53d15bc02ffe4f42d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge7.tar.gz\n Size/MD5 checksum: 26323 207f90189a051f60bc167ad650f4b03e\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge7.dsc\n Size/MD5 checksum: 1130 05540b391efb661ac080bcd3b76d75d4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge7.dsc\n Size/MD5 checksum: 876 2147aa6ee213cfeae672e4b8078de79d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge7.dsc\n Size/MD5 checksum: 831 f99f88476250ba6d8a45e985b76e282c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge7.tar.gz\n Size/MD5 checksum: 14360 cae077bc611a30d31eca87b11e197743\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-4.dsc\n Size/MD5 checksum: 1050 42da2129d3c3e7272c35b2cd38fb6df1\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge7.dsc\n Size/MD5 checksum: 832 18e08f7d72b58025bc87feeb2eb1b772\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge7.dsc\n Size/MD5 checksum: 839 112e605d8e6feacbb79acbe2bee8a82b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge7.tar.gz\n Size/MD5 checksum: 12084 bda7fe345a19ff29c971bae517477785\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge7.tar.gz\n Size/MD5 checksum: 37388 492895463965930fe7276a465bb4bf7f\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-4.tar.gz\n Size/MD5 checksum: 310574 d558a24549b13a9e86bdc2c50502aced\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-i386_1.0.8+2sarge2.dsc\n Size/MD5 checksum: 1121 2e094a561912a0acf6cc5edf3f122ca8\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-i386_1.0.8+2sarge2.tar.gz\n Size/MD5 checksum: 5249 1604fe719636c98547f287653a7cf0a8\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge3.dsc\n Size/MD5 checksum: 685 3684714d888d9897193781152b1bb2fa\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge3.tar.gz\n Size/MD5 checksum: 1987 e4c3061eb307723a40cd3bbc0e28fcc4\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge2.dsc\n Size/MD5 checksum: 1345 4686200ea3a9e29560dffde21e35d247\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge2.tar.gz\n Size/MD5 checksum: 2651 6aff151a16ad2211e6f118efdd2fca6d\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge2.dsc\n Size/MD5 checksum: 663 afa6f7006f0e5f28f08f81ab0c0cba7b\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge2.tar.gz\n Size/MD5 checksum: 1629 631165e8731c66fc60e875371c649a03\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge3.dsc\n Size/MD5 checksum: 846 e49c48cbef5fce4aac4ca3bfd9b97518\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge3.tar.gz\n Size/MD5 checksum: 2281 d72e0b2a828d4db9076142f8092a83b0\n http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge2.dsc\n Size/MD5 checksum: 857 2f49354f5660d561153dcdb283a04c60\n http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge2.diff.gz\n Size/MD5 checksum: 9671 afae6ba433c81376fc42fb5de1750169\n http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1.orig.tar.gz\n Size/MD5 checksum: 142961 eb3d1df2d3b46f199af2485db612c76d\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4.dsc\n Size/MD5 checksum: 1089 5f669ca85a85782c1040d45c351d965e\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4.diff.gz\n Size/MD5 checksum: 33474 f96bd95e933f2ad4184a64141a11a375\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1.orig.tar.gz\n Size/MD5 checksum: 870765 f5af615e39441d95471bdb72a3f01709\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge2.dsc\n Size/MD5 checksum: 825 1b3ccb11081c743293e515f0864f76f7\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge2.tar.gz\n Size/MD5 checksum: 105479 c2b1bb5c024aec2c4938866fda42a536\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge3.dsc\n Size/MD5 checksum: 1092 1682bf8794992d2bd327227cbe21fb77\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge3.tar.gz\n Size/MD5 checksum: 2328 c3f3f0a00cd017334a3d045142f11b6f\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge6_all.deb\n Size/MD5 checksum: 18604 2f19a5a567fbabbb7c85c2b6a8c09715\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge6_all.deb\n Size/MD5 checksum: 4762170 b1fe544ae766e72cee10767ca4c220e6\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge7_all.deb\n Size/MD5 checksum: 31044984 7d0808008f6970beab99f97ca2b298be\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server_3.2.3-6sarge6_all.deb\n Size/MD5 checksum: 119958 382abca5012ab6d2b356ad8e59695e74\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge6_all.deb\n Size/MD5 checksum: 9548928 9fad5a3acdaf046eb9fc4f88df059d9d\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge7_all.deb\n Size/MD5 checksum: 750682 08e90159e79f3dcaff09d2fe2ed87a70\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-doc_3.2.3-6sarge6_all.deb\n Size/MD5 checksum: 633934 411cb1f4623b44d7abf520ace4080fab\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge7_all.deb\n Size/MD5 checksum: 29022 8dfa828bb9121672e42211217f398437\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge7_all.deb\n Size/MD5 checksum: 3582288 43a6f2a4a53cb8a64de8282a9aa1aac3\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-client_3.2.3-6sarge6_all.deb\n Size/MD5 checksum: 32832 177d55441631c5c922e6ce28b61e6b82\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-common_3.2.3-6sarge6_all.deb\n Size/MD5 checksum: 32964 5027eb39810134cff2c20eb3af6894b2\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge6_all.deb\n Size/MD5 checksum: 2422274 0872bf637bd0f2aa3743bcc07badf943\n http://security.debian.org/pool/updates/main/i/i2c/i2c-source_2.9.1-1sarge2_all.deb\n Size/MD5 checksum: 159972 52f3d8c35dc66b3806fdcbd5911172ef\n http://security.debian.org/pool/updates/main/i/i2c/kernel-patch-2.4-i2c_2.9.1-1sarge2_all.deb\n Size/MD5 checksum: 106162 c020f32c2b9c0bb3f60a8d7aa536202b\n http://security.debian.org/pool/updates/main/l/lm-sensors/kernel-patch-2.4-lm-sensors_2.9.1-1sarge4_all.deb\n Size/MD5 checksum: 304594 17171ede79299ea662c0eb92c09d7b89\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-source_2.9.1-1sarge4_all.deb\n Size/MD5 checksum: 945778 b5cd269a473566b2eab20477bb5ccc75\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4-generic_2.4.27-10sarge7_alpha.deb\n Size/MD5 checksum: 274656 a6df8d76730f2c04e8ba46c82eaa5fc6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-4-smp_2.4.27-10sarge7_alpha.deb\n Size/MD5 checksum: 16992022 e5b6094a6f61b599dfc7d2898988d8c9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-4_2.4.27-10sarge7_alpha.deb\n Size/MD5 checksum: 9610 c5a4813b3f702377190850f70452be03\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-4-generic_2.4.27-10sarge7_alpha.deb\n Size/MD5 checksum: 16537552 cf594a1ceb7d46217bb3cfda97b1a167\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4_2.4.27-10sarge7_alpha.deb\n Size/MD5 checksum: 4576374 c8032d43cdf035fbf98b46a35ada9a58\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4-smp_2.4.27-10sarge7_alpha.deb\n Size/MD5 checksum: 276726 81c66d5d53c9f2aeed32082ccf6102ff\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_alpha.deb\n Size/MD5 checksum: 21916 2a099f54c14bce29e42ff99d37160b23\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-generic_101sarge3_alpha.deb\n Size/MD5 checksum: 2004 b85b43e7e593767ac3c2e9759800441c\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-smp_101sarge3_alpha.deb\n Size/MD5 checksum: 2010 5095855832ed1006e4d11c2d9e0325b7\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-generic_101sarge3_alpha.deb\n Size/MD5 checksum: 2008 44d187a24b738878ec0624a096fdb5f4\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-smp_101sarge3_alpha.deb\n Size/MD5 checksum: 2016 55ea69109097ddcc254609df82c98e91\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_alpha.deb\n Size/MD5 checksum: 107844 1df7a5f675e7d69c495d193cdabe589b\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_alpha.deb\n Size/MD5 checksum: 88110 fe1af960b05f134ffe51eb747c3d885b\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_alpha.deb\n Size/MD5 checksum: 469728 67bc75eea11a4793b7c3c4192967a63e\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_alpha.deb\n Size/MD5 checksum: 60276 09c63592a3b029bc07267f0d448f4353\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_amd64.deb\n Size/MD5 checksum: 18684 757148cf3a63e229b89544783dc05966\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_amd64.deb\n Size/MD5 checksum: 99830 92baa443758b2b7c382c63bd43a4c307\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_amd64.deb\n Size/MD5 checksum: 86298 22243ba8ddd9758abd0e903efd56348c\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_amd64.deb\n Size/MD5 checksum: 474426 6309d8298cb861c43522f62f8e056618\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_amd64.deb\n Size/MD5 checksum: 58162 b392fad5c96cae76cd7cf63441da23b5\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-headers-2.4.27_2.4.27-2sarge7_arm.deb\n Size/MD5 checksum: 4728218 76872bab628efe1f106714bea7e76ddf\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-build-2.4.27_2.4.27-2sarge7_arm.deb\n Size/MD5 checksum: 484954 a86240d80ceb1f5e460480911978df1a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-bast_2.4.27-2sarge7_arm.deb\n Size/MD5 checksum: 1698810 e162255451f3d58f6ec1e07755d7e5c3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge7_arm.deb\n Size/MD5 checksum: 3693254 8062de0bc5d461a7b0de03645ca806d0\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_arm.deb\n Size/MD5 checksum: 20410 ae67f0082728dfad5e587df6b08b729b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-lart_2.4.27-2sarge7_arm.deb\n Size/MD5 checksum: 1062654 3e8fa5d77babde87f4ad27ad2b80d81f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge7_arm.deb\n Size/MD5 checksum: 3169126 800ee46456c835fa227497d2dab1e2f7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge7_arm.deb\n Size/MD5 checksum: 7379382 65252aa02259f9bf57d3847ae72d874f\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_arm.deb\n Size/MD5 checksum: 95846 4acbe7e69f8aa23f093f159664730999\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_arm.deb\n Size/MD5 checksum: 77674 07d25a97e860701737aa3216ac05d234\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_arm.deb\n Size/MD5 checksum: 466626 b763f7bd0908a8832a8bb216e6f64b92\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_arm.deb\n Size/MD5 checksum: 56632 9f90bcb915e0e601ee8e78b666b53c40\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_hppa.deb\n Size/MD5 checksum: 20780 35b46e85bfb60401e4c97bc3737f164a\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_hppa.deb\n Size/MD5 checksum: 103546 c7567ff1155e94df83a6bbcd9de015c6\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_hppa.deb\n Size/MD5 checksum: 88188 bf39feccae69a7235cb1ba71d1491f22\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_hppa.deb\n Size/MD5 checksum: 470564 314e97748eeef8b0cab4891ddb69b7d4\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_hppa.deb\n Size/MD5 checksum: 59532 85137aedcac347b66103668efc3b68fc\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-586tsc_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 12040638 8eec475d9babaeb5d25b7b865f026cb4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-386_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 11053046 8929fb193f16f2b31b4b7809aaea53be\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-686_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 302228 eeb50dc4e7bc6e46270b1ffc6a7c022a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-586tsc_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 296352 1ccc246a45ea05b5733b7eba1a69565a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-686-smp_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 12701100 b5c503e04df6ee0756abbe834428627a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 1826896 9893d41bc9626716ffc8f0ac8f3f549c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k6_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 290200 c4d4abf27c6b60ddfd3ac5a59c606c82\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-4_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 12098 473bb773ae15d488b121f699dffa56b1\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-686_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 302158 7b2d0e09e6ad00f0edf653d1810f2170\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k7_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 301910 7d60a9e082623d86270d67a166097b39\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-686-smp_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 307986 4509c907f116ad61c21d9f983f326a2f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-686-smp_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 303734 e462e10de527040a400b86810e995824\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-386_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 271482 103a59b0692a5122061b2d88de718389\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k7_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 12108040 15b31c4c7dea644947d8a4384721ce90\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge6_i386.deb\n Size/MD5 checksum: 4774606 6d996cfb6a6c3f8b2eb0321a89cfa666\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k6_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 301144 8b757eec3179bae66fb204de4f5174ba\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.9.1sarge9_i386.deb\n Size/MD5 checksum: 12011214 8231c58dd4849fd400a8f070521bd8db\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-686_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 12357520 19f1a4541316c43aef1a620faa6cc2ce\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k7-smp_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 303876 8ac078f30efb4d8cecf7e64ae0d6e0fa\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k7-smp_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 301068 516319cf8edfb73f4eb5fc3fb0540d2e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-386_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 301092 7ee8e4e544130eecfe219d6817b30edc\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k7-smp_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 12439548 7a01788b6a38c1c3a631730a43cc3308\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k6_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 11725900 1445c83335cde33289c5fb5e9148d269\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-586tsc_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 301844 4c59df1320ef970ea80aec994d60a16c\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge6_i386.deb\n Size/MD5 checksum: 11315224 3a6bb4baab15dc3cce96bc7bdb63d788\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k7_2.4.27-10sarge7_i386.deb\n Size/MD5 checksum: 296146 63a8217bf1fc9c8a0e27653f99289a78\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge6_i386.deb\n Size/MD5 checksum: 7772498 7a3c41ba3ad48e9e4f8f22bbe639b41d\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_i386.deb\n Size/MD5 checksum: 18060 be22201ec0c3ebab8089714b6eebfa0f\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4-386_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 4396 7329077b0171010fb61d5c3bc18eb306\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4-586tsc_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 4416 fd54e30a86bf2c6995a4e805e6ffb340\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4-686_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 4424 d3092f18e1ad781c7f31e25f101a21d8\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4-686-smp_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 4500 afd217d917c37147ae61f304e250a6fa\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4-k6_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 4410 5d64373b3207881b0e5fe8736d4c3e00\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4-k7_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 4404 3b5b282a073c7c1bf0e00c6e97fb7828\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4-k7-smp_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 4478 172afe01c05d84d413c730f92265d985\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-3-386_1.0.8+2sarge1_i386.deb\n Size/MD5 checksum: 1262010 a64ea693d4bdffae489155a4e4c5c044\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-3-586tsc_1.0.8+2sarge1_i386.deb\n Size/MD5 checksum: 1289138 f8ec1434fc6e9703d47e55d7caa00ffe\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-3-686_1.0.8+2sarge1_i386.deb\n Size/MD5 checksum: 1368484 9fcfeed4925900870a13319159512327\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-3-686-smp_1.0.8+2sarge1_i386.deb\n Size/MD5 checksum: 1412328 89f900f47d4e79de30b134202ed0b98a\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-3-k6_1.0.8+2sarge1_i386.deb\n Size/MD5 checksum: 1272848 e738c4ecc486884fccec945044e1de99\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-3-k7_1.0.8+2sarge1_i386.deb\n Size/MD5 checksum: 1341058 b694ff22a7474b7c3e53b3cfad4dffe8\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-3-k7-smp_1.0.8+2sarge1_i386.deb\n Size/MD5 checksum: 1380634 48467292dcb05f4d97c00abe264686ef\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-4-386_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 1262528 ff0e8032f0ea8b5ea174c97a7dd20da7\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-4-586tsc_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 1289658 01d76b0a6ab3ce4d46b313d176692686\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-4-686_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 1369022 2c141d44bb23f0ff23fc4051a064dbe9\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-4-686-smp_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 1412810 cc8bf0b6f778ca428dd1f2aa219898a7\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-4-k6_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 1273414 80b20a46c7db9db7f2529980ca0b428d\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-4-k7_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 1341600 5dc6b283f17aa35cfc1ea2f4f00a5805\n http://security.debian.org/pool/updates/main/a/alsa-modules-i386/alsa-modules-2.4.27-4-k7-smp_1.0.8+2sarge2_i386.deb\n Size/MD5 checksum: 1381190 874346a5f9bbce101ce1effbb10209aa\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-386_101sarge2_i386.deb\n Size/MD5 checksum: 2210 94453df286d5f4e53129c9ad21c48269\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-586tsc_101sarge2_i386.deb\n Size/MD5 checksum: 2232 56e34da6218d5a9f5c495dbfa5b55234\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686_101sarge2_i386.deb\n Size/MD5 checksum: 2250 4d72f7bd505333cee3e3e6fe24b35cfc\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2320 7e9d9c4d9e27630f3177f0ed33445958\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k6_101sarge2_i386.deb\n Size/MD5 checksum: 2236 9899de5f907ce3bf505230f57e8e977f\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7_101sarge2_i386.deb\n Size/MD5 checksum: 2228 e49a7f6a1ebf9217ca427fe98bef9ef5\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2290 3656872aeedf815c3fb157e27a35aeed\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-386_101sarge2_i386.deb\n Size/MD5 checksum: 2180 d493e7439c2ac668aa8af8e300476a32\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-586tsc_101sarge2_i386.deb\n Size/MD5 checksum: 2200 99dc53e529fe3780b87ebea56bc3a9e2\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686_101sarge2_i386.deb\n Size/MD5 checksum: 2208 ecaf8a85eeab65f53b7cfc369e872741\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2274 a0ae0ea68ab8e0ad0b5c7ce84c648205\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k6_101sarge2_i386.deb\n Size/MD5 checksum: 2192 ed4d6c14605c790b4b1514479cf2a4dc\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7_101sarge2_i386.deb\n Size/MD5 checksum: 2190 de7c785f29cfac9758d90c48c8eb5bca\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2258 e07b801edb75bff62ff274577b74e41f\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-386_101sarge2_i386.deb\n Size/MD5 checksum: 2200 8b295e8d54d56803114aca936edb9b3b\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-586tsc_101sarge2_i386.deb\n Size/MD5 checksum: 2218 6c564fa8fbe8eb3fed7547f363a5f3d3\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686_101sarge2_i386.deb\n Size/MD5 checksum: 2232 ca5ab5706cf7092c57853b73611ccf37\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2296 cf0ed26b54117f21c940785dd5cd6361\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k6_101sarge2_i386.deb\n Size/MD5 checksum: 2212 c596e89ceb9694a47531542a81618fe8\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7_101sarge2_i386.deb\n Size/MD5 checksum: 2214 cceb0bf335f590d45b56060150be29e6\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2278 5747a8a13621d34006e02e12ddecfdf5\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-386_2.9.1-1sarge1_i386.deb\n Size/MD5 checksum: 77860 2412ecaf415f28cedf1594fc5853a59d\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-586tsc_2.9.1-1sarge1_i386.deb\n Size/MD5 checksum: 77604 c427abcb6f60c5bf1ac10bc19a65a8b8\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-686_2.9.1-1sarge1_i386.deb\n Size/MD5 checksum: 77592 9655842dd75143b38d9591c05c069ac7\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-686-smp_2.9.1-1sarge1_i386.deb\n Size/MD5 checksum: 77674 f068190e67295066533fb3fff111c814\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k6_2.9.1-1sarge1_i386.deb\n Size/MD5 checksum: 77586 7a73742b7405143708835f3932f9fa70\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k7_2.9.1-1sarge1_i386.deb\n Size/MD5 checksum: 77678 0a7beec37cd1bf7ec8f1731ae9d6bb9a\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-3-k7-smp_2.9.1-1sarge1_i386.deb\n Size/MD5 checksum: 77734 5e4b8007c196b17ee41776406b0b8230\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-386_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77904 8e0633c48d4a196eb7d750f75bd7068a\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-586tsc_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77644 e74884dab42407313589891ff9bab2ec\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-686_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77634 8fd76652c4e0c63f65a06a596306f7e2\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-686-smp_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77702 c33cd973e0b5f4426e1ff15c2b07bb93\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-k6_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77642 de16e1b5ef4844c9b3619c6d0866a06c\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-k7_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77702 fec475b02fa1569acc7a2fd254736c89\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-k7-smp_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77762 7cd84fb3f7ccac997edf9ad814f596fc\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 94012 2f7dd855a2776ace2161f61c9da880d4\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 77984 62558920315cbde876f88380f87a577d\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 474474 1e8df851476f1d44b88888c9c67ea104\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-2-386_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 258638 9dab2f0c6ca40bb6b1fa648c72dea266\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-2-586tsc_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 258646 27ec0369b7e5710cfa9b8a2f6dc7f976\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-2-686_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 258638 7b59494c8c7e836392ec8d29832a37f7\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-2-686-smp_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 259220 1f84862f63d4b84ca52d3b0188eae27f\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-2-k6_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 258658 f44895c10b0a2a66f9f8fc2fc1c08945\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-2-k7_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 258950 fc63b5a3190378d192810b865db159d7\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-2-k7-smp_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 259496 acbd3d286c9f83c33075207a32297bfe\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-386_2.9.1-1sarge3_i386.deb\n Size/MD5 checksum: 258984 1e42dac94e18a442204e159252730d5e\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-586tsc_2.9.1-1sarge3_i386.deb\n Size/MD5 checksum: 258980 cf019b62e65a17b0ed20e149faa44559\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-686_2.9.1-1sarge3_i386.deb\n Size/MD5 checksum: 258980 ed75fb59949e2364abfc9459a4832fb3\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-686-smp_2.9.1-1sarge3_i386.deb\n Size/MD5 checksum: 259572 9505af261ada93ee26c66a3fb0d7d82e\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k6_2.9.1-1sarge3_i386.deb\n Size/MD5 checksum: 258984 f0ca8379fd4fe3e7bd07480630d01b05\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k7_2.9.1-1sarge3_i386.deb\n Size/MD5 checksum: 259296 a1674fac85b1dc7aaf4e43099bf6de5c\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-3-k7-smp_2.9.1-1sarge3_i386.deb\n Size/MD5 checksum: 259850 b623d22abc6f054d77b7a30917f08009\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-386_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33496 dc6d281fab6c1ab610e419758fd7b895\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-586tsc_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33506 b8318c2a64dfc2ed3a6997c958d2d4a8\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-686_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33492 869083538e79481e56094549c5321cd0\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-686-smp_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33504 4683e862b99aee94cce49c7e24f4ca8d\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-k6_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33488 b11e22c02586f81d1ce395ae1244428e\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-k7_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33488 b83277fd8366c6120159be2d61c219cc\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-k7-smp_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33500 84fe5e6f5efe32f98d65732bbfe658ab\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 56474 1f0f3fa67108dbde771d44446870feb1\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-386_3.2.5+2sarge1_i386.deb\n Size/MD5 checksum: 477610 61f0e8d1bd3dcbf8447a15f3986710ce\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-586tsc_3.2.5+2sarge1_i386.deb\n Size/MD5 checksum: 477644 302afa94885da8c4f143b8f5aa3476b0\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-686_3.2.5+2sarge1_i386.deb\n Size/MD5 checksum: 477608 0dfded776cb25f87885f3e2cd54139fb\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-686-smp_3.2.5+2sarge1_i386.deb\n Size/MD5 checksum: 484192 c46d1f7e98b6b3e625158ddaca907951\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k6_3.2.5+2sarge1_i386.deb\n Size/MD5 checksum: 477594 429eb2dd9bec9b005332f8025849f378\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k7_3.2.5+2sarge1_i386.deb\n Size/MD5 checksum: 477580 24ef30a122508783dc22e87a43923e45\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-3-k7-smp_3.2.5+2sarge1_i386.deb\n Size/MD5 checksum: 484198 53b2e26c3a6892fe41301e31a8e91701\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-386_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477778 b11e7c242050e16293ad1163f60770cb\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-586tsc_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477780 65991feae9a3464324fb4fd9a380ef00\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-686_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477742 b5fcc0041e57a89f2497a94934ab051f\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-686-smp_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 484382 3ce4020ba4761da02bf838277169b514\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-k6_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477686 7b9b7b5442441dc35b0d17f785dfce87\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-k7_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477716 568d8b1052dbaff75b1d08e75b503dc9\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-k7-smp_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 484410 1b0e0136ac477ad58a991da10fef9275\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-386_0.3.7-1sarge2_i386.deb\n Size/MD5 checksum: 140588 4d3d9c96e4566ea0ae5b8ce33892b9f5\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-586tsc_0.3.7-1sarge2_i386.deb\n Size/MD5 checksum: 153216 ec1de04dfe524ed566c9168317c7f96d\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686_0.3.7-1sarge2_i386.deb\n Size/MD5 checksum: 156142 d3d7ccde57a411d1e57fd606dac627fb\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-686-smp_0.3.7-1sarge2_i386.deb\n Size/MD5 checksum: 160348 3f0273700f3be9fa5430046ba227dd91\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k6_0.3.7-1sarge2_i386.deb\n Size/MD5 checksum: 149216 69c40d1ebb04a5ceca0374d28ff6faa2\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7_0.3.7-1sarge2_i386.deb\n Size/MD5 checksum: 154834 49bca7c096574c6c0dbfe44db03c2cd0\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-3-k7-smp_0.3.7-1sarge2_i386.deb\n Size/MD5 checksum: 158768 d31bb7bcec9ea2d123df2d9d2fc3ccff\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-386_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2446 d0f3f731301d12a7e83e0adc5e6faab5\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-586tsc_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2452 448ea77ae78b84b31074c06310abff2d\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-686_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2454 51c30ec77e9345f6eb930a2684cc72f9\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-686-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2466 630fcf555d96bbefe36adc031b1590dd\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-k6_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2462 1f0c32839c6fac5010d7a37bd29ac335\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-k7_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2458 fde4680c9802476653d87385f7553110\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-k7-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2466 b429be79430479aa6195e9be4df2df32\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-3-386_0.3.7-1sarge1_i386.deb\n Size/MD5 checksum: 147580 741b00a1dd08f0a3ec11807b5b5e0d21\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-3-686_0.3.7-1sarge1_i386.deb\n Size/MD5 checksum: 164966 3608c1954937b7c2a562c5e7cec9c82a\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-3-686-smp_0.3.7-1sarge1_i386.deb\n Size/MD5 checksum: 168700 f4292765662e2f76d9a2e18af8052122\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-3-k7_0.3.7-1sarge1_i386.deb\n Size/MD5 checksum: 163394 cde18e20701333deb222482a6bacd7ab\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-3-k7-smp_0.3.7-1sarge1_i386.deb\n Size/MD5 checksum: 167226 488d6c27c43fe4e6b39d3c2d8ee54be9\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 147744 f4e889628f1479ca845848c374ba94d4\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 165342 2d7a7d95cd8659cbae4a293ed5247443\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 169666 5ab7867f5d9fa479e8a8f96cd6fa9fc8\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 163754 ac42725375d4e828b4220d84f7f92ef7\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 168080 6dbbcfbcef54fcef4106675d84bf75c1\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 8840 175694ae0a7e277237c50afe60bc0b62\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-itanium-smp_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 17044422 41b3807bc4e7c2487d51784d1e6da20d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-mckinley-smp_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 244804 c7ddf4d27bbcc7a65f227a8f39960789\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 8824 07f37c5408cec8fb777ca18746a5a1bc\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-4_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 9044 d677c2765ec285cd2ae65fe376657e10\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-itanium-smp_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 244958 285f20f2ee3f7ec6246ae0799a5a3e1d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-itanium_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 243766 e10f65174982b0fad0bb6cb0bdb96eae\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-itanium_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 16683002 41d6e31c8d9ab4a72f5c536bf4d2db7f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 8808 28ea0d2a22689cdf78903dfe8c880b82\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 8850 8f3e1a627d35cded29666e6f17c7952c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-mckinley-smp_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 16990744 34ae5f2398e380b0d0b5b66ce005014f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-mckinley_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 16636002 52d9ee8a8b36a7290873fa7234d6a6b7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 4691092 627c0ebf4a1cd7207abd5e7dc4dbf1c2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-mckinley_2.4.27-10sarge7_ia64.deb\n Size/MD5 checksum: 243636 3de8343d803a316d83a05518d7ccbca3\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_ia64.deb\n Size/MD5 checksum: 23668 fa7dde0df4892ae3ecf13e7ef48eefb5\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_ia64.deb\n Size/MD5 checksum: 110608 97b5054f3442426ecda36000e460d1d7\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_ia64.deb\n Size/MD5 checksum: 94792 a7add54463e7eebe42d0e1209b39ed16\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_ia64.deb\n Size/MD5 checksum: 487606 d961d1c7f08a33c5d3f192ff909bac5a\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_ia64.deb\n Size/MD5 checksum: 64004 e7c35fe3a0240bd3a36fe90790d2dd4c\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge7_m68k.deb\n Size/MD5 checksum: 2395408 93f0eb4bb3728673de2dcca48b1f6321\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge7_m68k.deb\n Size/MD5 checksum: 2476904 e6435630d84030f7cacd23093a6653eb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge7_m68k.deb\n Size/MD5 checksum: 2543798 80826caca0dc4c439e4b2d3459adff6c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge7_m68k.deb\n Size/MD5 checksum: 2323548 47a5c2b13d0ca4c57b5f6504f5b0f4a7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge7_m68k.deb\n Size/MD5 checksum: 2260928 3b2ad7134a31d80224924c6ac3c715d1\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge7_m68k.deb\n Size/MD5 checksum: 2636594 01865c402c1eabfdcafd872b9e513510\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge7_m68k.deb\n Size/MD5 checksum: 2393294 b610a211ef03a3e2a82f38468672c917\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_m68k.deb\n Size/MD5 checksum: 17794 398b6bccc2ef8df7eef83b434793fb4c\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_m68k.deb\n Size/MD5 checksum: 95102 335230b6c3f37d4a0447bf02dd3d766f\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_m68k.deb\n Size/MD5 checksum: 82852 33044d3d1f33772cabadf35f44b5a24c\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_m68k.deb\n Size/MD5 checksum: 457390 ca7a6f7f524d90a2471e6f06b61c6469\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_m68k.deb\n Size/MD5 checksum: 55444 7226ed9f01e5a5be6e5d8f6ac193379a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-4_mips.deb\n Size/MD5 checksum: 4763652 25f504369798f853722d8f63317bda53\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-4_mips.deb\n Size/MD5 checksum: 7223516 6a1496ab421673c1f8edceb956b3294e\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge4.040815-4_mips.deb\n Size/MD5 checksum: 3879916 f569ca2cb1e0fb6684d25fbab4a3d153\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge4.040815-4_mips.deb\n Size/MD5 checksum: 3878204 d3b6143706a6f8459b1c5b180645b103\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_mips.deb\n Size/MD5 checksum: 21614 17a387f7eeb5ec819d702f47cd6373b6\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_mips.deb\n Size/MD5 checksum: 102282 5fb38a6229d753605225396f90b620ca\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_mips.deb\n Size/MD5 checksum: 79810 e44f473d8d65c281bfa466b58b772185\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_mips.deb\n Size/MD5 checksum: 469842 4ffcd8c522c5680ed07305433fe6391f\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_mips.deb\n Size/MD5 checksum: 58210 65e27c3a3cbae0d69dc371cced174a72\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 21948 e10b5a0be635ce80df14c29b754738f2\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 4112190 c6c565011042090ab2158a8d75bdaf4f\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 2144980 7e3cffbe800573df5c141c7655491351\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 4681682 2e22969824ec3e0a37b2b7eed79552dd\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 3042410 47d02daf465a611c75d73fab149fd22f\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 3002862 f9374af85983392e1229bad8980cbe10\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 7049414 26eb406fb10b1f1d2919d23c9731dc88\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-4_mipsel.deb\n Size/MD5 checksum: 4688080 00d80aacdd7585dbc5eecae45528eb17\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_mipsel.deb\n Size/MD5 checksum: 99406 cc6e5fbe3876cc14079e45cc872edbd7\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_mipsel.deb\n Size/MD5 checksum: 78408 f3f4f7ade9629d7cf125308da3e98e29\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_mipsel.deb\n Size/MD5 checksum: 465738 1a6d8ae53fafc23f75db2e4bdce116dc\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_mipsel.deb\n Size/MD5 checksum: 58580 750f1d0ab9127abccc930cdab161460f\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-powerpc_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 4803418 2895c2cc6681996860c5cbaac5b34e2b\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 160134 89fe366843d1796419d9163fb78e9f18\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-apus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 146276 ce743df6af1de9d944405bda5c98ba3f\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 12763692 534470af2ebb96b81294a9185d172220\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 160066 4b10ac662a2009c4ccba5c37692f5925\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-powerpc_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 12336 f85a96390405611be12b0389673ad88e\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-nubus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 12412 592aaed71f5818fa8ba081328ac10189\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-apus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 2505874 7a74220b038f71b38136ac175b38c27f\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-apus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 69284 1f7aeab04481a5da2dcbecd0311d55c8\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-nubus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 1823112 6c0d1f470aabbe9dc7832f276d439e78\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-nubus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 4696040 fb8c7d5014a1127a92e0d47556b33be4\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 13795460 8cc78a8cfdd6e8d7d155d2eea5d76148\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 13490978 dae3afc9c3e6777f44ffafcfba680ae2\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 160356 235ac45f5bc53bd85a102f647fc3e049\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-apus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 4685784 65825d0b57c91229818caeaa97279e06\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-nubus_2.4.27-10sarge7_powerpc.deb\n Size/MD5 checksum: 146108 56582343ff92380a62927551c67f5546\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_powerpc.deb\n Size/MD5 checksum: 20420 5b8c3958a314872538e2e1513a3a87f2\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_powerpc.deb\n Size/MD5 checksum: 106010 ec5164cf27e749a8100503f9eb96f205\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_powerpc.deb\n Size/MD5 checksum: 84250 c740c32617f2bd0d7509e753b57e629d\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_powerpc.deb\n Size/MD5 checksum: 476802 4251bff9765fdd34959f37669ce75997\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_powerpc.deb\n Size/MD5 checksum: 59454 5f0671474ab506620ea6f569845f19a0\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-4-s390-tape_2.4.27-2sarge7_s390.deb\n Size/MD5 checksum: 997610 06d087ae6f8a3c91624df8adba422b43\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-4-s390x_2.4.27-2sarge7_s390.deb\n Size/MD5 checksum: 2977720 4e64930f29e8f2fe942d17447a37842f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-4_2.4.27-2sarge7_s390.deb\n Size/MD5 checksum: 4581380 43fe2f93201fefe13b9edb2eecae8494\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_s390.deb\n Size/MD5 checksum: 20798 c3b5b38327d77672f213627967f5c473\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-4-s390_2.4.27-2sarge7_s390.deb\n Size/MD5 checksum: 2785910 030b4071a671d87020075f6969b9de7b\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-headers-2.4-s390_2.4.27-1sarge2_s390.deb\n Size/MD5 checksum: 1916 5f3a222f65f28cc02c3dac36d9fae589\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390_2.4.27-1sarge2_s390.deb\n Size/MD5 checksum: 1902 e50783f20196403fdb201296faa5f955\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390x_2.4.27-1sarge2_s390.deb\n Size/MD5 checksum: 1904 e82185af5c4ffc366c91a62c3710b0f7\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_s390.deb\n Size/MD5 checksum: 105208 8c5d630434b513e4c9391d92d981714e\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_s390.deb\n Size/MD5 checksum: 86976 43af53da4b8bb0041dd32feca8a62aaa\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_s390.deb\n Size/MD5 checksum: 463770 74d2fb769313f552e3d6e35cb6e29148\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_s390.deb\n Size/MD5 checksum: 58088 259139f27527bbb065a05ecf5450d489\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc32_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 3607276 1d74de7f87679773e000d54e0f5d67f8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc32_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 166192 64b14ea4a0669309c7db71a463a1f8f4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc64_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 6390838 db1a1833b5a3e3521fd61fb64fe2eddc\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 2026788 c891f5c9d9f8abaf72f3e3d1f77cd90e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-4_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 12082 abc164109907a87b49c369d3174c75b3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc32-smp_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 167958 f092a4be58b46498a40b9cddd3e36ece\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc64-smp_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 205898 2025b7f2ebc435ff887c53fe219e7045\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc32-smp_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 3796782 2027f646c3098d2d288d58fd23fa4635\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc64-smp_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 6555484 92b0ce9e2a3a56333bb365fe98f7bc05\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc64_2.4.27-9sarge7_sparc.deb\n Size/MD5 checksum: 204510 f43a623b9ca40c506f183d6fff4e1594\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-4_sparc.deb\n Size/MD5 checksum: 19698 bc4b3afa37eb605fbb21aa213cb3a6de\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32_42sarge3_sparc.deb\n Size/MD5 checksum: 2232 746057a5e29dbdb064bcf4b772d7bf99\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2238 b603643edb3cdd828155317d85cc46ef\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64_42sarge3_sparc.deb\n Size/MD5 checksum: 2228 aac7dfd77156b6b90ca18fc8c1cff974\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2238 59514eec80d5fdf2e92cb943c50eb9b9\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32_42sarge3_sparc.deb\n Size/MD5 checksum: 2208 2245a85962621b06eab854d81f5e2bd9\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2228 e25173a6212f5788a1eee7272033d92e\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64_42sarge3_sparc.deb\n Size/MD5 checksum: 2210 c67bc9270fa69033579ded9a949b0c40\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2224 3640903c50cf3f5ac3ca07e4f1a23e4c\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_sparc.deb\n Size/MD5 checksum: 100370 fc7792dfa08b4c197d3ba673cf229f91\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_sparc.deb\n Size/MD5 checksum: 80992 f877376ad39a4899a32b1c00cc7f8069\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_sparc.deb\n Size/MD5 checksum: 470320 6daf1e125485e018d5ad162fec69eb15\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_sparc.deb\n Size/MD5 checksum: 56758 1aded5c241d250319d644ef30d7434e6\n\n\n These files will probably be moved into the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ sarge/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/sarge/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 7, "modified": "2008-03-06T07:48:40", "published": "2008-03-06T07:48:40", "id": "DEBIAN:DSA-1503-2:1BB11", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00077.html", "title": "[SECURITY] [DSA 1503-2] New Linux kernel 2.4.27 packages fix several issues", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-11T13:14:34", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-4311", "CVE-2007-1353", "CVE-2006-4814", "CVE-2007-6151", "CVE-2004-2731", "CVE-2006-6106", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-1592", "CVE-2006-6053", "CVE-2007-6206", "CVE-2006-5753", "CVE-2006-5823", "CVE-2007-6694", "CVE-2007-2525", "CVE-2007-6063"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1503 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nFebruary 22, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.27 (2.4.27-10sarge6)\nVulnerability : several\nProblem-Type : local/remote\nDebian-specific: no\nCVE ID : CVE-2004-2731 CVE-2006-4814 CVE-2006-5753 CVE-2006-5823\n CVE-2006-6053 CVE-2006-6054 CVE-2006-6106 CVE-2007-1353\n CVE-2007-1592 CVE-2007-2172 CVE-2007-2525 CVE-2007-3848\n CVE-2007-4308 CVE-2007-4311 CVE-2007-5093 CVE-2007-6063\n CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007\n \nSeveral local and remote vulnerabilities have been discovered in the Linux\nkernel that may lead to a denial of service or the execution of arbitrary\ncode. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2004-2731\n\n infamous41md reported multiple integer overflows in the Sbus PROM\n driver that would allow for a DoS (Denial of Service) attack by a\n local user, and possibly the execution of arbitrary code.\n\nCVE-2006-4814\n\n Doug Chapman discovered a potential local DoS (deadlock) in the mincore\n function caused by improper lock handling.\n\nCVE-2006-5753\n\n Eric Sandeen provided a fix for a local memory corruption vulnerability\n resulting from a misinterpretation of return values when operating on\n inodes which have been marked bad.\n\nCVE-2006-5823\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted cramfs filesystem.\n\nCVE-2006-6053\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted ext3 filesystem.\n\nCVE-2006-6054\n\n LMH reported a potential local DoS which could be exploited by a malicious\n user with the privileges to mount and read a corrupted ext2 filesystem.\n\nCVE-2006-6106\n\n Marcel Holtman discovered multiple buffer overflows in the Bluetooth\n subsystem which can be used to trigger a remote DoS (crash) and potentially\n execute arbitray code.\n\nCVE-2007-1353\n\n Ilja van Sprundel discovered that kernel memory could be leaked via the\n Bluetooth setsockopt call due to an uninitialized stack buffer. This\n could be used by local attackers to read the contents of sensitive kernel\n memory.\n\nCVE-2007-1592\n\n Masayuki Nakagawa discovered that flow labels were inadvertently\n being shared between listening sockets and child sockets. This defect\n can be exploited by local users to cause a DoS (Oops).\n\nCVE-2007-2172\n\n Thomas Graf reported a typo in the DECnet protocol handler that could\n be used by a local attacker to overrun an array via crafted packets,\n potentially resulting in a Denial of Service (system crash).\n A similar issue exists in the IPV4 protocol handler and will be fixed\n in a subsequent update.\n\nCVE-2007-2525\n\n Florian Zumbiehl discovered a memory leak in the PPPOE subsystem caused\n by releasing a socket before PPPIOCGCHAN is called upon it. This could\n be used by a local user to DoS a system by consuming all available memory.\n\nCVE-2007-3848\n\n Wojciech Purczynski discovered that pdeath_signal was not being reset\n properly under certain conditions which may allow local users to gain\n privileges by sending arbitrary signals to suid binaries.\n\nCVE-2007-4308\n\n Alan Cox reported an issue in the aacraid driver that allows unprivileged\n local users to make ioctl calls which should be restricted to admin\n privileges.\n\nCVE-2007-4311\n\n PaX team discovered an issue in the random driver where a defect in the\n reseeding code leads to a reduction in entropy.\n\nCVE-2007-5093\n\n Alex Smith discovered an issue with the pwc driver for certain webcam\n devices. If the device is removed while a userspace application has it\n open, the driver will wait for userspace to close the device, resulting\n in a blocked USB subsystem. This issue is of low security impact as\n it requires the attacker to either have physical access to the system\n or to convince a user with local access to remove the device on their\n behalf.\n \nCVE-2007-6063\n\n Venustech AD-LAB discovered a a buffer overflow in the isdn ioctl\n handling, exploitable by a local user.\n\nCVE-2007-6151\n\n ADLAB discovered a possible memory overrun in the ISDN subsystem that\n may permit a local user to overwrite kernel memory leading by issuing\n ioctls with unterminated data.\n\nCVE-2007-6206\n\n Blake Frantz discovered that when a core file owned by a non-root user\n exists, and a root-owned process dumps core over it, the core file\n retains its original ownership. This could be used by a local user to\n gain access to sensitive information.\n\nCVE-2007-6694\n\n Cyrill Gorcunov reported a NULL pointer dereference in code specific\n to the CHRP PowerPC platforms. Local users could exploit this issue\n to achieve a Denial of Service (DoS).\n\nCVE-2008-0007\n\n Nick Piggin of SuSE discovered a number of issues in subsystems which\n register a fault handler for memory mapped areas. This issue can be\n exploited by local users to achieve a Denial of Service (DoS) and possibly\n execute arbitrary code.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 3.1 (sarge)\n alsa-modules-i386 1.0.8+2sarge2\n kernel-image-2.4.27-arm 2.4.27-2sarge6\n kernel-image-2.4.27-m68k 2.4.27-3sarge6\n kernel-image-speakup-i386 2.4.27-1.1sarge5\n kernel-image-2.4.27-alpha 2.4.27-10sarge6\n kernel-image-2.4.27-s390 2.4.27-2sarge6\n kernel-image-2.4.27-sparc 2.4.27-9sarge6\n kernel-image-2.4.27-i386 2.4.27-10sarge6\n kernel-image-2.4.27-ia64 2.4.27-10sarge6\n kernel-patch-2.4.27-mips 2.4.27-10.sarge4.040815-3\n kernel-patch-powerpc-2.4.27 2.4.27-10sarge6\n kernel-latest-2.4-alpha 101sarge3\n kernel-latest-2.4-i386 101sarge2\n kernel-latest-2.4-s390 2.4.27-1sarge2\n kernel-latest-2.4-sparc 42sarge3\n i2c 1:2.9.1-1sarge2\n lm-sensors 1:2.9.1-1sarge4\n mindi-kernel 2.4.27-2sarge5\n pcmcia-modules-2.4.27-i386 3.2.5+2sarge2\n hostap-modules-i386 1:0.3.7-1sarge3\n systemimager 3.2.3-6sarge5\n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. If you have built a custom kernel from the kernel source\npackage, you will need to rebuild to take advantage of these fixes.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nNote that this update changes various package names due to ABI changes.\nYou must therefore have the corresponding upgrade-assist metapackage(s)\ninstalled for your upgrades to automatically take place. These packages\nhave names with the prefix 'kernel-image-2.4-'.\n\nFor a full list of the metapackages available for your architecture, run\nthe following command on the target Debian 3.1 system:\n apt-cache search kernel-image-2.4-\n\nAny 3rd party modules that have been built and installed for your system\nwill need to be rebuilt and installed for compatability with the new ABI.\n\nDebian 3.1 (oldstable)\n- ----------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge2.dsc\n Size/MD5 checksum: 1345 4686200ea3a9e29560dffde21e35d247\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge6.dsc\n Size/MD5 checksum: 831 8562d7488f7cb95d205bf76fe110f6c1\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge6.dsc\n Size/MD5 checksum: 876 1a7aac50d25494a39a12da08d10c9139\n http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge2.dsc\n Size/MD5 checksum: 857 2f49354f5660d561153dcdb283a04c60\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-latest-2.4-i386_101sarge2.tar.gz\n Size/MD5 checksum: 2651 6aff151a16ad2211e6f118efdd2fca6d\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge6.diff.gz\n Size/MD5 checksum: 783802 57cbeb3a0d58f27c5491ea92ae8760dc\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge5.dsc\n Size/MD5 checksum: 1027 7152d7aa17c4632a0e9ef450e92d3850\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge6.tar.gz\n Size/MD5 checksum: 12009 a9d2d3f315b9e2ddcb835ac35b993e82\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1.orig.tar.gz\n Size/MD5 checksum: 870765 f5af615e39441d95471bdb72a3f01709\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager_3.2.3-6sarge5.tar.gz\n Size/MD5 checksum: 15980836 2ed3cdd33958dbbb79acad51633fed0e\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge3.dsc\n Size/MD5 checksum: 685 3684714d888d9897193781152b1bb2fa\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge5.diff.gz\n Size/MD5 checksum: 6520 78dd7ab4110563f7cfa41546b7afda57\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge5.tar.gz\n Size/MD5 checksum: 20360 f80c884ab46b2e419ca401ed21c7d698\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27.orig.tar.gz\n Size/MD5 checksum: 9501 a4ad085824ade5641f1c839d945dd301\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge6.dsc\n Size/MD5 checksum: 1130 67e25655311032dc532f331bfaad529e\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge2.tar.gz\n Size/MD5 checksum: 105479 c2b1bb5c024aec2c4938866fda42a536\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge3.dsc\n Size/MD5 checksum: 846 e49c48cbef5fce4aac4ca3bfd9b97518\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.dsc\n Size/MD5 checksum: 1050 2930e25b0b2978c257ea94b7c0f385f4\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-latest-2.4-sparc_42sarge3.tar.gz\n Size/MD5 checksum: 2281 d72e0b2a828d4db9076142f8092a83b0\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-i386_3.2.5+2sarge2.dsc\n Size/MD5 checksum: 825 1b3ccb11081c743293e515f0864f76f7\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4.diff.gz\n Size/MD5 checksum: 33474 f96bd95e933f2ad4184a64141a11a375\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-powerpc-2.4.27_2.4.27-10sarge6.tar.gz\n Size/MD5 checksum: 1466506 4077db3abe1299270d37ab358e8f5443\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge6.dsc\n Size/MD5 checksum: 1143 1434f7f54c70afe26043692c12537e57\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge5.dsc\n Size/MD5 checksum: 750 2ae692be75bc5bd0ae47105ec3b903e4\n http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1.orig.tar.gz\n Size/MD5 checksum: 142961 eb3d1df2d3b46f199af2485db612c76d\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4.dsc\n Size/MD5 checksum: 1089 5f669ca85a85782c1040d45c351d965e\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge2.dsc\n Size/MD5 checksum: 663 afa6f7006f0e5f28f08f81ab0c0cba7b\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-latest-2.4-alpha_101sarge3.tar.gz\n Size/MD5 checksum: 1987 e4c3061eb307723a40cd3bbc0e28fcc4\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge3.dsc\n Size/MD5 checksum: 1092 1682bf8794992d2bd327227cbe21fb77\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge6.tar.gz\n Size/MD5 checksum: 101379 c5fde5cda4bc40b613e3eb8389464e00\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-ia64_2.4.27-10sarge6.tar.gz\n Size/MD5 checksum: 57143 4e1252ccc54094413af132b1e509c78a\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-speakup-i386_2.4.27-1.1sarge5.dsc\n Size/MD5 checksum: 732 c78ef81ca5b402222e7137d1a8052748\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-patch-2.4.27-mips_2.4.27-10.sarge4.040815-3.tar.gz\n Size/MD5 checksum: 310504 a95d863d77233921e79185c3dac62f94\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-latest-2.4-s390_2.4.27-1sarge2.tar.gz\n Size/MD5 checksum: 1629 631165e8731c66fc60e875371c649a03\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge6.dsc\n Size/MD5 checksum: 900 cacb4fcef0ee57a53ba0efbfcae9d3cf\n http://security.debian.org/pool/updates/main/i/i2c/i2c_2.9.1-1sarge2.diff.gz\n Size/MD5 checksum: 9671 afae6ba433c81376fc42fb5de1750169\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27.orig.tar.gz\n Size/MD5 checksum: 38470181 56df34508cdc47a53d15bc02ffe4f42d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-m68k_2.4.27-3sarge6.tar.gz\n Size/MD5 checksum: 14303 50eac91503e4d951e8c555470526c56d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge6.dsc\n Size/MD5 checksum: 839 09f407768d0a85fa121f68595bf6d9da\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-i386_2.4.27-10sarge6.dsc\n Size/MD5 checksum: 1582 d905f8b5191e92587b2694776bfd2162\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-alpha_2.4.27-10sarge6.tar.gz\n Size/MD5 checksum: 33837 94e6565cd478f866a0f079b8d5de5b1e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge6.dsc\n Size/MD5 checksum: 1074 872a5a07e8a19c0544ca02dccc59730c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-arm_2.4.27-2sarge6.tar.gz\n Size/MD5 checksum: 37326 dcdb061379c1e912712be472ef423a2e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-s390_2.4.27-2sarge6.dsc\n Size/MD5 checksum: 832 e877d255836a119568f2b811484509a8\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-i386_0.3.7-1sarge3.tar.gz\n Size/MD5 checksum: 2328 c3f3f0a00cd017334a3d045142f11b6f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-sparc_2.4.27-9sarge6.tar.gz\n Size/MD5 checksum: 26268 6401b539084d362190963c16487ac91d\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/i/i2c/i2c-source_2.9.1-1sarge2_all.deb\n Size/MD5 checksum: 159972 52f3d8c35dc66b3806fdcbd5911172ef\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-doc-2.4.27-speakup_2.4.27-1.1sarge5_all.deb\n Size/MD5 checksum: 2424128 6bc37ebffcc8af7d71edabbc29edff9e\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server_3.2.3-6sarge5_all.deb\n Size/MD5 checksum: 119874 6320eef7e64b58239bbf976787178a86\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-patch-debian-2.4.27_2.4.27-10sarge6_all.deb\n Size/MD5 checksum: 752214 ea5d65d5f1c650e0b9d7db4373df65b4\n http://security.debian.org/pool/updates/main/l/lm-sensors/kernel-patch-2.4-lm-sensors_2.9.1-1sarge4_all.deb\n Size/MD5 checksum: 304594 17171ede79299ea662c0eb92c09d7b89\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-tree-2.4.27_2.4.27-10sarge6_all.deb\n Size/MD5 checksum: 28966 2f946b48d7784fd66e1833972999b091\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-source-2.4.27_2.4.27-10sarge6_all.deb\n Size/MD5 checksum: 31485082 d8e3315c288f5550386686d4f56b945b\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-client_3.2.3-6sarge5_all.deb\n Size/MD5 checksum: 32790 6e1a1822035ee3eacd9b64adc1e9af57\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-server-flamethrowerd_3.2.3-6sarge5_all.deb\n Size/MD5 checksum: 18512 8f686699219008d35136f3eda8846894\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-ia64-standard_3.2.3-6sarge5_all.deb\n Size/MD5 checksum: 9548918 f2d22e050aec4e3cdef89fa36d0a1acd\n http://security.debian.org/pool/updates/main/i/i2c/kernel-patch-2.4-i2c_2.9.1-1sarge2_all.deb\n Size/MD5 checksum: 106162 c020f32c2b9c0bb3f60a8d7aa536202b\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.27/kernel-doc-2.4.27_2.4.27-10sarge6_all.deb\n Size/MD5 checksum: 3590114 333eed9fc4f7de67d8d348b4437e212d\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-doc_3.2.3-6sarge5_all.deb\n Size/MD5 checksum: 633864 aa02fdc51feb16ab51aa2d0b864b5033\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-source_2.9.1-1sarge4_all.deb\n Size/MD5 checksum: 945778 b5cd269a473566b2eab20477bb5ccc75\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-boot-i386-standard_3.2.3-6sarge5_all.deb\n Size/MD5 checksum: 4762284 0e4f9547acf07ac7eac578acd7062289\n http://security.debian.org/pool/updates/main/s/systemimager/systemimager-common_3.2.3-6sarge5_all.deb\n Size/MD5 checksum: 32908 c38aa76390664cd61cd39fcafdc061e3\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-generic_101sarge3_alpha.deb\n Size/MD5 checksum: 2004 b85b43e7e593767ac3c2e9759800441c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb\n Size/MD5 checksum: 275104 ac124d1aef568fc04144cfde499ba818\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb\n Size/MD5 checksum: 16991940 3644d797f1b4f4fe17810fc128ecfef2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-build-2.4.27-4_2.4.27-10sarge6_alpha.deb\n Size/MD5 checksum: 9536 818db9ca2e9411bd9395956f8a466850\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_alpha.deb\n Size/MD5 checksum: 21868 b3b80288bf4fa33ee8173b71396b1ed8\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-generic_101sarge3_alpha.deb\n Size/MD5 checksum: 2008 44d187a24b738878ec0624a096fdb5f4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4-smp_2.4.27-10sarge6_alpha.deb\n Size/MD5 checksum: 277016 f7a91380e5f5a795a4eccfcff273a2b1\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-image-2.4-smp_101sarge3_alpha.deb\n Size/MD5 checksum: 2016 55ea69109097ddcc254609df82c98e91\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-alpha/kernel-headers-2.4-smp_101sarge3_alpha.deb\n Size/MD5 checksum: 2010 5095855832ed1006e4d11c2d9e0325b7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-image-2.4.27-4-generic_2.4.27-10sarge6_alpha.deb\n Size/MD5 checksum: 16537164 250c932f3b2048587f8dc8e41ab26926\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-alpha/kernel-headers-2.4.27-4_2.4.27-10sarge6_alpha.deb\n Size/MD5 checksum: 4649894 e46f99205e2b499dabf3e13b6778d776\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_amd64.deb\n Size/MD5 checksum: 18612 89c5c3f01d1715252ac3ec8ba363b9de\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-bast_2.4.27-2sarge6_arm.deb\n Size/MD5 checksum: 1698658 af8a1eb0a1eab58c562f639343ee5101\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-lart_2.4.27-2sarge6_arm.deb\n Size/MD5 checksum: 1062484 fdac028111ef3d2a5bf226e21d74b394\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-build-2.4.27_2.4.27-2sarge6_arm.deb\n Size/MD5 checksum: 484774 106d72fdc046ad8ab48bf45aff7319da\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscpc_2.4.27-2sarge6_arm.deb\n Size/MD5 checksum: 3168914 a7539fe4daefea79532eda6846e92382\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-headers-2.4.27_2.4.27-2sarge6_arm.deb\n Size/MD5 checksum: 4728038 305dbb3ab1d46dbeac5aeb1db685853e\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_arm.deb\n Size/MD5 checksum: 20346 1976571746db1bdc1ce05b0638cde4c7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-netwinder_2.4.27-2sarge6_arm.deb\n Size/MD5 checksum: 7379444 1d96d07f4b98258c48e37a3ce3fb9816\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-arm/kernel-image-2.4.27-riscstation_2.4.27-2sarge6_arm.deb\n Size/MD5 checksum: 3693056 ec852f94b459dec72e9e776d7b7babdf\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_hppa.deb\n Size/MD5 checksum: 20722 f9b295e020b4898e0cee48fa9d1ab90e\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7_101sarge2_i386.deb\n Size/MD5 checksum: 2190 de7c785f29cfac9758d90c48c8eb5bca\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-386_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77904 8e0633c48d4a196eb7d750f75bd7068a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 301002 3aab4d4883d87b229d48fac30d41e603\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k7_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 296070 d790eb36fc3213aefb7deba17a3cbeeb\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686_101sarge2_i386.deb\n Size/MD5 checksum: 2250 4d72f7bd505333cee3e3e6fe24b35cfc\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-k7_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77702 fec475b02fa1569acc7a2fd254736c89\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-image-2.4.27-speakup_2.4.27-1.1sarge5_i386.deb\n Size/MD5 checksum: 11314694 5d9e7fbdcfde268a978f4c57bac8a445\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-386_101sarge2_i386.deb\n Size/MD5 checksum: 2210 94453df286d5f4e53129c9ad21c48269\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 165342 2d7a7d95cd8659cbae4a293ed5247443\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k7-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2258 e07b801edb75bff62ff274577b74e41f\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_i386.deb\n Size/MD5 checksum: 17980 2811fbff5ff6904b4100d713b48ccffc\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-386_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 301320 9017891e4c79068047e4af5cb929c31c\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-586tsc_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477780 65991feae9a3464324fb4fd9a380ef00\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-k6_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33488 b11e22c02586f81d1ce395ae1244428e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 12439378 fbc7f2c6e8a05225049e8cc5ff42fc32\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686_101sarge2_i386.deb\n Size/MD5 checksum: 2232 ca5ab5706cf7092c57853b73611ccf37\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-686_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 12357440 3892ecb2b0fb49a3ade013e27485320d\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-k6_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477686 7b9b7b5442441dc35b0d17f785dfce87\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-386_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33496 dc6d281fab6c1ab610e419758fd7b895\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2290 3656872aeedf815c3fb157e27a35aeed\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-586tsc_101sarge2_i386.deb\n Size/MD5 checksum: 2200 99dc53e529fe3780b87ebea56bc3a9e2\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-686-smp_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33504 4683e862b99aee94cce49c7e24f4ca8d\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors3_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 77984 62558920315cbde876f88380f87a577d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 301974 e32d1efb04c53424e0b8760e155e807c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 1857996 3727b12f2acaa3429b9f845c5fafa4b2\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686_101sarge2_i386.deb\n Size/MD5 checksum: 2208 ecaf8a85eeab65f53b7cfc369e872741\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-386_101sarge2_i386.deb\n Size/MD5 checksum: 2180 d493e7439c2ac668aa8af8e300476a32\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k6_101sarge2_i386.deb\n Size/MD5 checksum: 2236 9899de5f907ce3bf505230f57e8e977f\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-686-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2296 cf0ed26b54117f21c940785dd5cd6361\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-386_101sarge2_i386.deb\n Size/MD5 checksum: 2200 8b295e8d54d56803114aca936edb9b3b\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-k7-smp_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77762 7cd84fb3f7ccac997edf9ad814f596fc\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-686-smp_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77702 c33cd973e0b5f4426e1ff15c2b07bb93\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-686_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77634 8fd76652c4e0c63f65a06a596306f7e2\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-586tsc_101sarge2_i386.deb\n Size/MD5 checksum: 2232 56e34da6218d5a9f5c495dbfa5b55234\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-686-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 169666 5ab7867f5d9fa479e8a8f96cd6fa9fc8\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-k7_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2458 fde4680c9802476653d87385f7553110\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-686-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2320 7e9d9c4d9e27630f3177f0ed33445958\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-k6_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77642 de16e1b5ef4844c9b3619c6d0866a06c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 307908 3a4cfc236fd895b79aa34a61aa25f4ea\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-586tsc_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2452 448ea77ae78b84b31074c06310abff2d\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-686-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2466 630fcf555d96bbefe36adc031b1590dd\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 303850 d3105a688746ddd36d618018e9b53d1a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 296314 a124cb2d7c7cc1a0462f34f40f341eef\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2278 5747a8a13621d34006e02e12ddecfdf5\n http://security.debian.org/pool/updates/main/k/kernel-image-speakup-i386/kernel-headers-2.4.27-speakup_2.4.27-1.1sarge5_i386.deb\n Size/MD5 checksum: 4845086 75f294bc16c692a9d047cacfab9e843b\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-686_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33492 869083538e79481e56094549c5321cd0\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-386_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2446 d0f3f731301d12a7e83e0adc5e6faab5\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k7_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 12107272 6b1b8f925a1ff13b140f061215f47e09\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 163754 ac42725375d4e828b4220d84f7f92ef7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-686-smp_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 12700924 759c414f04d4765e26c2b40957fc9ab4\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-k7-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 168080 6dbbcfbcef54fcef4106675d84bf75c1\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-k7_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477716 568d8b1052dbaff75b1d08e75b503dc9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k6_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 301394 09804682d0b2db2150fab0a9bd95d163\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-k6_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2462 1f0c32839c6fac5010d7a37bd29ac335\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.6.8-4-386_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 147744 f4e889628f1479ca845848c374ba94d4\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k7_101sarge2_i386.deb\n Size/MD5 checksum: 2214 cceb0bf335f590d45b56060150be29e6\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-k7-smp_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 484410 1b0e0136ac477ad58a991da10fef9275\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-686_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 302266 db4c30615a7cbdd1dc4e81b23b5e9a03\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-686_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477742 b5fcc0041e57a89f2497a94934ab051f\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-k7-smp_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33500 84fe5e6f5efe32f98d65732bbfe658ab\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-686_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 302150 0acd56708c0e9b1eb13ed65c301eb4e5\n http://security.debian.org/pool/updates/main/l/lm-sensors/libsensors-dev_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 94012 2f7dd855a2776ace2161f61c9da880d4\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-586tsc_101sarge2_i386.deb\n Size/MD5 checksum: 2218 6c564fa8fbe8eb3fed7547f363a5f3d3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k7_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 302272 00ce79f3215cf690cd6f9a5d588fb46a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-k6_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 11725582 1a891346b963cea2591e0c2a2b40d418\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-headers-2.4-k7_101sarge2_i386.deb\n Size/MD5 checksum: 2228 e49a7f6a1ebf9217ca427fe98bef9ef5\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-pcmcia-modules-2.4-k6_101sarge2_i386.deb\n Size/MD5 checksum: 2212 c596e89ceb9694a47531542a81618fe8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-build-2.4.27-4_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 11964 5eaca507dc75c7dd8a5fea8a98adae17\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-k6_101sarge2_i386.deb\n Size/MD5 checksum: 2192 ed4d6c14605c790b4b1514479cf2a4dc\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-686_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2454 51c30ec77e9345f6eb930a2684cc72f9\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-k7_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33488 b83277fd8366c6120159be2d61c219cc\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-386_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 271418 0ece32ae57e8bc07909d472a27f75fad\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors-2.4.27-4-586tsc_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 33506 b8318c2a64dfc2ed3a6997c958d2d4a8\n http://security.debian.org/pool/updates/main/m/mindi-kernel/mindi-kernel_2.4.27-2sarge5_i386.deb\n Size/MD5 checksum: 7773920 5ce6990c1c05480e64d479e63e8e573c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-pcmcia-modules-2.4.27-4-k6_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 290140 ac3904823f38ee87f5d474b97989f1b7\n http://security.debian.org/pool/updates/main/i/i2c/i2c-2.4.27-4-586tsc_2.9.1-1sarge2_i386.deb\n Size/MD5 checksum: 77644 e74884dab42407313589891ff9bab2ec\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-686-smp_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 484382 3ce4020ba4761da02bf838277169b514\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-i386/kernel-image-2.4-686-smp_101sarge2_i386.deb\n Size/MD5 checksum: 2274 a0ae0ea68ab8e0ad0b5c7ce84c648205\n http://security.debian.org/pool/updates/main/l/lm-sensors/lm-sensors_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 474474 1e8df851476f1d44b88888c9c67ea104\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-386_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 11052808 11a2d541ae4be60fc4ca0b012e040731\n http://security.debian.org/pool/updates/main/l/lm-sensors/sensord_2.9.1-1sarge4_i386.deb\n Size/MD5 checksum: 56474 1f0f3fa67108dbde771d44446870feb1\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-headers-2.4.27-4-k7-smp_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 303960 a0124d96976fdb5295d88e4452c3e482\n http://security.debian.org/pool/updates/main/h/hostap-modules-i386/hostap-modules-2.4.27-4-k7-smp_0.3.7-1sarge3_i386.deb\n Size/MD5 checksum: 2466 b429be79430479aa6195e9be4df2df32\n http://security.debian.org/pool/updates/main/p/pcmcia-modules-2.4.27-i386/pcmcia-modules-2.4.27-4-386_3.2.5+2sarge2_i386.deb\n Size/MD5 checksum: 477778 b11e7c242050e16293ad1163f60770cb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386/kernel-image-2.4.27-4-586tsc_2.4.27-10sarge6_i386.deb\n Size/MD5 checksum: 12040558 85ecbc317471b19622aa4c881787ccc4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley-smp_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 8784 90ee1b2e9043eb5c304e341e4341f307\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 16989836 ac671a15b2e59ab7e740fba0a275fdeb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 244176 e992f7a9972a853416b9d661b9b1ed27\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 16635868 a9d4e077e6988de487f454462be71b29\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-itanium_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 16682160 4a0aad4af20efe7b377632b2fa1ecac7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-mckinley_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 244174 97772e1967c86e1049a31bc3945d55bc\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium-smp_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 8762 1798dbe17258645061927e62084de5eb\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_ia64.deb\n Size/MD5 checksum: 23596 0809bc03e9bbed87e20c1cd7a1775e57\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 245076 794bce10f1d65a28defc12609330a563\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-mckinley_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 8774 c8b8a58a500877b95d05baca618b177c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4-mckinley-smp_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 245194 d697c585822843bf50471b6e8d21242e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4.27-4-itanium-smp_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 17044112 c6b9372d496ca07bc3b67be07ebba31b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-image-2.4-itanium_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 8744 d80a7c62442813fb1e25bfee7f1f48b7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-headers-2.4.27-4_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 4762160 59ddcd5f8c89ceae7140b501cf215fa8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-ia64/kernel-build-2.4.27-4_2.4.27-10sarge6_ia64.deb\n Size/MD5 checksum: 8980 811a0f52aaf2699fcf5ce0b1f1a0bdbd\n\nm68k architecture (Motorola Mc680x0)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-amiga_2.4.27-3sarge6_m68k.deb\n Size/MD5 checksum: 2636312 ebf015a5cde926e2203d59ca336859e7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mac_2.4.27-3sarge6_m68k.deb\n Size/MD5 checksum: 2476770 5876a64c1242781d5f15351b3fe8f180\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme16x_2.4.27-3sarge6_m68k.deb\n Size/MD5 checksum: 2395372 017278dac5baccad9a4b779d1863bf0f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-mvme147_2.4.27-3sarge6_m68k.deb\n Size/MD5 checksum: 2323460 164b52f450e86d51b99bd8647fefed2d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-bvme6000_2.4.27-3sarge6_m68k.deb\n Size/MD5 checksum: 2394638 73a3bbff4db6f767123d09be3656f6ff\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_m68k.deb\n Size/MD5 checksum: 17720 5a457bcf29fec4d35faecb504fff648a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-atari_2.4.27-3sarge6_m68k.deb\n Size/MD5 checksum: 2543642 334a1c3125131e8844fb5de91fff3dd9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-m68k/kernel-image-2.4.27-q40_2.4.27-3sarge6_m68k.deb\n Size/MD5 checksum: 2260822 f5528d8ff99980a0f9bf3c8e8fc9e06c\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-ip22_2.4.27-10.sarge4.040815-3_mips.deb\n Size/MD5 checksum: 3879754 69d856bdbd22525f9e04ddf072189f67\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-3_mips.deb\n Size/MD5 checksum: 4763440 587a59f384c23f18d6d9cfae96ebec35\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-3_mips.deb\n Size/MD5 checksum: 7223008 717e19d7db9d95429064ed8bc71410fe\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_mips.deb\n Size/MD5 checksum: 21544 8b2e659f7e486d086a876157faac6af2\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-ip22_2.4.27-10.sarge4.040815-3_mips.deb\n Size/MD5 checksum: 3878278 70aab4ac78bbbaf2efb8ab726df4ba00\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-lasat_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 2144874 50c5ff9db6a00ba939f7b7eb9a55814c\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r5k-cobalt_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 4112030 89122df58404e5d46f0a94f160066077\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-headers-2.4.27_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 4756972 b8024d146f7f13bded7a6424ddfa4135\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-xxs1500_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 4681486 f4fb5fab0de0a25fc7884c1c2f2f7340\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 21876 4ab08ad75e84cc2be8b05b9e4ba5e4ef\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r4k-kn04_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 3002730 79d768298894c6534408fa4867ab5b14\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-r3k-kn02_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 3042270 6a1ce29b2ce437516e64def1738c370f\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/kernel-image-2.4.27-sb1-swarm-bn_2.4.27-10.sarge4.040815-3_mipsel.deb\n Size/MD5 checksum: 7049768 2ceaae0ecc0f1feb753bdad506280185\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_powerpc.deb\n Size/MD5 checksum: 20340 7f20372a9ab62ca36586defd15b0a5ee\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-small_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 12763130 f7a7340904b21ed0a5486174ae810052\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc-smp_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 13795002 826cb8d8fa3d3c3cab66f89df073deeb\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-nubus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 1822940 205748952ae7948db55771e71ac21f56\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-powerpc_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 13490792 4f0010db40e43f778ce570e95a06551f\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-powerpc_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 12268 d5b7af76b08c231639d192940e81a43e\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-nubus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 12344 d068007806c2e699271c71508fc1e84b\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-powerpc_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 4874608 8707c0663aa5822a73d16352907c95eb\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-apus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 145224 7aaa0cf1c764ec0b8924787e61b638d4\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-nubus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 4767046 31d52974cc78bd5a3609a21da97971d3\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-patch-2.4.27-apus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 69216 29e20e7d40917be81aa249d8bf88194f\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-image-2.4.27-apus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 2505832 7a648cfd329f18cd56f758c5365a3c8c\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-headers-2.4.27-apus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 4758074 63ed1a37308075d0b9c85dacb3025f87\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-smp_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 158946 ab63071c1853718aecce65cd3a33e1a2\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-nubus_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 145044 a36ed8999258cfb8519c7b46a22e0e17\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 158876 436532d564b7c34fe9ff134c44b28ac2\n http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.4.27/kernel-build-2.4.27-powerpc-small_2.4.27-10sarge6_powerpc.deb\n Size/MD5 checksum: 159174 4562756f69ef7a3c639334b3dece3835\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-4-s390-tape_2.4.27-2sarge6_s390.deb\n Size/MD5 checksum: 997526 9d7687e5a7d1d6930f9b12c8dbd2da86\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-4-s390x_2.4.27-2sarge6_s390.deb\n Size/MD5 checksum: 2977638 d0e71d007359ea5fd412814b6307e05b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-headers-2.4.27-4_2.4.27-2sarge6_s390.deb\n Size/MD5 checksum: 4653304 1ef9845750b94c5034c83c9fbca61680\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-headers-2.4-s390_2.4.27-1sarge2_s390.deb\n Size/MD5 checksum: 1916 5f3a222f65f28cc02c3dac36d9fae589\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390x_2.4.27-1sarge2_s390.deb\n Size/MD5 checksum: 1904 e82185af5c4ffc366c91a62c3710b0f7\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_s390.deb\n Size/MD5 checksum: 20724 35eee44d510c23faa0d5980c8e042eed\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-s390/kernel-image-2.4.27-4-s390_2.4.27-2sarge6_s390.deb\n Size/MD5 checksum: 2785758 f0ee3b3b6eb3ff47a5ab1c8bff6541f5\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-s390/kernel-image-2.4-s390_2.4.27-1sarge2_s390.deb\n Size/MD5 checksum: 1902 e50783f20196403fdb201296faa5f955\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2224 3640903c50cf3f5ac3ca07e4f1a23e4c\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2228 e25173a6212f5788a1eee7272033d92e\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc32_42sarge3_sparc.deb\n Size/MD5 checksum: 2208 2245a85962621b06eab854d81f5e2bd9\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-image-2.4-sparc64_42sarge3_sparc.deb\n Size/MD5 checksum: 2210 c67bc9270fa69033579ded9a949b0c40\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc32-smp_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 3796458 c3c25c364e5c6c8eaf5fc73c95d53095\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc32_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 166596 ee5ba57e8ee80b5e7aedd28223db597f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc64_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 204932 f8d2bd0fa36e751487006104cad3edc8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc64-smp_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 206334 a659ec6ca6d0fbd1514c5423bac879e9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 2063174 5f91e658e46a6d7b7bdf184bc51d5868\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2238 59514eec80d5fdf2e92cb943c50eb9b9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-headers-2.4.27-4-sparc32-smp_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 168392 a0c16b5ed34ca2a6f7b2ed8bdab19f84\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc32_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 3607258 a5c1e2b59cb0c343a22ea70a1c125692\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32-smp_42sarge3_sparc.deb\n Size/MD5 checksum: 2238 b603643edb3cdd828155317d85cc46ef\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc64_42sarge3_sparc.deb\n Size/MD5 checksum: 2228 aac7dfd77156b6b90ca18fc8c1cff974\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.27-mips/mips-tools_2.4.27-10.sarge4.040815-3_sparc.deb\n Size/MD5 checksum: 19570 151b78bcb24f03464721cd886ccd9a85\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-build-2.4.27-4_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 12010 a1c148d768477fc35842fdd0250869d6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc64_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 6390868 95135f6d77474f138d24322ccb7d505f\n http://security.debian.org/pool/updates/main/k/kernel-latest-2.4-sparc/kernel-headers-2.4-sparc32_42sarge3_sparc.deb\n Size/MD5 checksum: 2232 746057a5e29dbdb064bcf4b772d7bf99\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-sparc/kernel-image-2.4.27-4-sparc64-smp_2.4.27-9sarge6_sparc.deb\n Size/MD5 checksum: 6555152 1df415fa9711c74f3c344271bf8ecf0d\n\n\n These files will probably be moved into the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 7, "modified": "2008-02-22T20:56:25", "published": "2008-02-22T20:56:25", "id": "DEBIAN:DSA-1503-1:0C4D4", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00067.html", "title": "[SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-30T02:21:54", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2006-5755"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1381-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nOctober 2nd, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : several\nProblem-Type : local\nDebian-specific: no\nCVE ID : CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093\n\nSeveral local vulnerabilities have been discovered in the Linux kernel\nthat may lead to a denial of service or the execution of arbitrary\ncode. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2006-5755\n\n The NT bit maybe leaked into the next task which can local attackers\n to cause a Denial of Service (crash) on systems which run the 'amd64'\n flavour kernel. The stable distribution ('etch') was not believed to\n be vulnerable to this issue at the time of release, however Bastian\n Blank discovered that this issue still applied to the 'xen-amd64' and\n 'xen-vserver-amd64' flavours, and is resolved by this DSA.\n\nCVE-2007-4133\n\n Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.\n A misconversion of hugetlb_vmtruncate_list to prio_tree may allow\n local users to trigger a BUG_ON() call in exit_mmap.\n\nCVE-2007-4573\n\n Wojciech Purczynski discovered a vulnerability that can be exploited\n by a local user to obtain superuser privileges on x86_64 systems.\n This resulted from improper clearing of the high bits of registers\n during ia32 system call emulation. This vulnerability is relevant\n to the Debian amd64 port as well as users of the i386 port who run\n the amd64 linux-image flavour.\n\n DSA-1378 resolved this problem for the 'amd64' flavour kernels, but\n Tim Wickberg and Ralf Hemmenst\u00c3dt reported an outstanding issue with\n the 'xen-amd64' and 'xen-vserver-amd64' issues that is resolved by\n this DSA.\n\nCVE-2007-5093\n\n Alex Smith discovered an issue with the pwc driver for certain webcam\n devices. If the device is removed while a userspace application has it\n open, the driver will wait for userspace to close the device, resulting\n in a blocked USB subsystem. This issue is of low security impact as\n it requires the attacker to either have physical access to the system\n or to convince a user with local access to remove the device on their\n behalf.\n \nThese problems have been fixed in the stable distribution in version \n2.6.18.dfsg.1-13etch4.\n\nAt the time of this DSA, only the build for the amd64 architecture is\navailable. Due to the severity of the amd64-specific issues, we are\nreleasing an incomplete update. This advisory will be updated once\nother architecture builds become available.\n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. If you have built a custom kernel from the kernel source\npackage, you will need to rebuild to take advantage of these fixes.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.dsc\n Size/MD5 checksum: 5672 37f70bdc04b866a5dbcaa8f849be618a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.diff.gz\n Size/MD5 checksum: 5321790 7bc41f428b95ef6fe99361ca8854e6da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3586640 3bd5240a2610896cc497c62eb88b155c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1083674 f8c4bf0032e87733d2ee3f2f1f739f9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1499612 10c0c285c4183493633f2b29f6036d14\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 41419632 8ced68949f94c78c5fc992deebdf1c85\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-5_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3739000 f73b86b37f56ab817c341c43bd4cf8fe\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 51982 4593b4bbf1f423b1d6e426602243defd\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3165218 4f4764c3aef1f9e11201852b94467850\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51516 a90387023090038a122da75482b981fd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51542 cb132c34f0684e6a7b1facc9432ecca2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269088 d3d721166785a2acfc475b8a87eb7de0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3188578 58346ab81a8dae1bbff87412b9d071a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269454 ef04a599ceb19d37a544cd6f95000138\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3331732 8b0e214847656f1fb6b2d35396db36a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269772 1d3f9740c35d4510c6612bb645b1ef79\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3354462 30fce94ecaa6650c7eb3307e76ad47d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 270790 4cd241518cb91e87bbcc62c09117accc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16800532 5cd7846a71c94945df71cf67b3d9f254\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16840344 d264466281d7596876f18427dc7dad37\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1648548 ff22e2a8c3f269295231b2b24289a892\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1679922 f7061df614029b187d6883902b2053b7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15239984 c8de0964da37ad0d13a7c0b1a8dbe927\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15257046 7fbf51b2580cdf39314d5cae996f8059\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51500 d813a622add08eb6ca03f118af21e6c0\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51514 9f3b1193357e2b448f653e3dd8cac1ac\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ etch/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 15, "modified": "2007-10-03T00:00:00", "published": "2007-10-03T00:00:00", "id": "DEBIAN:DSA-1381-1:B1830", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00152.html", "title": "[SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:30:32", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2006-5755"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1381-2 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nOctober 12th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : several\nProblem-Type : local\nDebian-specific: no\nCVE ID : CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093\n\nSeveral local vulnerabilities have been discovered in the Linux kernel\nthat may lead to a denial of service or the execution of arbitrary\ncode. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2006-5755\n\n The NT bit maybe leaked into the next task which can local attackers\n to cause a Denial of Service (crash) on systems which run the 'amd64'\n flavour kernel. The stable distribution ('etch') was not believed to\n be vulnerable to this issue at the time of release, however Bastian\n Blank discovered that this issue still applied to the 'xen-amd64' and\n 'xen-vserver-amd64' flavours, and is resolved by this DSA.\n\nCVE-2007-4133\n\n Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.\n A misconversion of hugetlb_vmtruncate_list to prio_tree may allow\n local users to trigger a BUG_ON() call in exit_mmap.\n\nCVE-2007-4573\n\n Wojciech Purczynski discovered a vulnerability that can be exploited\n by a local user to obtain superuser privileges on x86_64 systems.\n This resulted from improper clearing of the high bits of registers\n during ia32 system call emulation. This vulnerability is relevant\n to the Debian amd64 port as well as users of the i386 port who run\n the amd64 linux-image flavour.\n\n DSA-1378 resolved this problem for the 'amd64' flavour kernels, but\n Tim Wickberg and Ralf Hemmenst\u00c3dt reported an outstanding issue with\n the 'xen-amd64' and 'xen-vserver-amd64' issues that is resolved by\n this DSA.\n\nCVE-2007-5093\n\n Alex Smith discovered an issue with the pwc driver for certain webcam\n devices. If the device is removed while a userspace application has it\n open, the driver will wait for userspace to close the device, resulting\n in a blocked USB subsystem. This issue is of low security impact as\n it requires the attacker to either have physical access to the system\n or to convince a user with local access to remove the device on their\n behalf.\n \nThese problems have been fixed in the stable distribution in version \n2.6.18.dfsg.1-13etch4.\n\nThis is an update to DSA-1381-1 which included only amd64 binaries for\nlinux-2.6. Builds for all other architectures are now available, as well as\nrebuilds of ancillary packages that make use of the included linux source.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatability with or to take advantage of this update:\n\n Debian 4.0 (etch)\n fai-kernels 1.17+etch.13etch4\n kernel-patch-openvz 028.18.1etch5\n user-mode-linux 2.6.18-1um-2etch.13etch4\n\nWe recommend that you upgrade your kernel package immediately and reboot\nthe machine. If you have built a custom kernel from the kernel source\npackage, you will need to rebuild to take advantage of these fixes.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4.dsc\n Size/MD5 checksum: 740 6dd1d21aea0566d84f12a4dcffa7d791\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4.tar.gz\n Size/MD5 checksum: 54614 886f8a7388d3063b30cbab365c9fd4cb\n http://security.debian.org/pool/updates/main/k/kernel-patch-openvz/kernel-patch-openvz_028.18.1etch5.dsc\n Size/MD5 checksum: 588 409655afa6a2969a5a2fae79c767c9cc\n http://security.debian.org/pool/updates/main/k/kernel-patch-openvz/kernel-patch-openvz_028.18.1etch5.tar.gz\n Size/MD5 checksum: 1578706 5a8084827360750b14648d5b997647e4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.dsc\n Size/MD5 checksum: 5672 37f70bdc04b866a5dbcaa8f849be618a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.diff.gz\n Size/MD5 checksum: 5321790 7bc41f428b95ef6fe99361ca8854e6da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.13etch4.dsc\n Size/MD5 checksum: 892 7e1a9aca25b3277719874aeaec5e4ee9\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.13etch4.diff.gz\n Size/MD5 checksum: 14585 240a656f82ad1593324edc9a8a4c1370\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um.orig.tar.gz\n Size/MD5 checksum: 14435 4d10c30313e11a24621f7218c31f3582\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-openvz/kernel-patch-openvz_028.18.1etch5_all.deb\n Size/MD5 checksum: 1583630 db89389fec39e4a856cda780fed0b728\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3586640 3bd5240a2610896cc497c62eb88b155c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1083674 f8c4bf0032e87733d2ee3f2f1f739f9d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 1499612 10c0c285c4183493633f2b29f6036d14\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 41419632 8ced68949f94c78c5fc992deebdf1c85\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-5_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 3739000 f73b86b37f56ab817c341c43bd4cf8fe\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\n Size/MD5 checksum: 51982 4593b4bbf1f423b1d6e426602243defd\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 3025068 73b98089604d45b4e34debad53a7ec93\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 51410 6b4c0bfb818554208be3f9d6f73001eb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-alpha_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 51454 05b5524672491f412fdfd9023122a73b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-alpha-generic_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 264304 4db07fccf48036f262196db448122749\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-alpha-legacy_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 264650 90cf3d0b7632bfe5842f46129d116552\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-alpha-smp_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 263718 a8322f28c2d12ff79207fc41cabcb33c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 3049086 4654cb1e62077ffb3f8e8563560f5c41\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-alpha_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 265108 7a1d22acc4f23fc3e90a675362123d44\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-alpha-generic_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23485516 6883ad14986b1e0aff2b619ea5f539c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-alpha-legacy_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23464768 84ff8937d7a9a5149319d73f68f84b2b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-alpha-smp_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23839988 7bbd0790ba73299826b1cc9d377096f5\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-alpha_2.6.18.dfsg.1-13etch4_alpha.deb\n Size/MD5 checksum: 23529978 a657aeab02b7b31e9e84dee7385e1f99\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4_amd64.deb\n Size/MD5 checksum: 5954146 54c67b5839f1b77ab8fbad0992881f46\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3165218 4f4764c3aef1f9e11201852b94467850\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51516 a90387023090038a122da75482b981fd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51542 cb132c34f0684e6a7b1facc9432ecca2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269088 d3d721166785a2acfc475b8a87eb7de0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3188578 58346ab81a8dae1bbff87412b9d071a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269454 ef04a599ceb19d37a544cd6f95000138\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3331732 8b0e214847656f1fb6b2d35396db36a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 269772 1d3f9740c35d4510c6612bb645b1ef79\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 3354462 30fce94ecaa6650c7eb3307e76ad47d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 270790 4cd241518cb91e87bbcc62c09117accc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16800532 5cd7846a71c94945df71cf67b3d9f254\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 16840344 d264466281d7596876f18427dc7dad37\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1648548 ff22e2a8c3f269295231b2b24289a892\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 1679922 f7061df614029b187d6883902b2053b7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15239984 c8de0964da37ad0d13a7c0b1a8dbe927\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 15257046 7fbf51b2580cdf39314d5cae996f8059\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51500 d813a622add08eb6ca03f118af21e6c0\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\n Size/MD5 checksum: 51514 9f3b1193357e2b448f653e3dd8cac1ac\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 3407364 f4f146f2fc47b3e4735c5573026dc219\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 51428 23eeb0e5e48e4e1aaa86d34c56d22d7e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-arm_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 51472 173dfc6307b31dcb9e6c6ad0e10d857a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-footbridge_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 230506 969f06fec9ab5b8865aced3cee9466cf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-iop32x_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 231032 a44db3ae062cfd0a55724b5f8eb5840f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-ixp4xx_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 236006 fac614b131423f3aac4f5929cb1b4210\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-rpc_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 195608 1fa746211f6b1a06b2a381f44fa6ea9a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-s3c2410_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 200820 0fdebc68ba162f78fae0a5d013b0d671\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-footbridge_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 7556486 aef8840fc034e37a3bac3a8ec506f8b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-iop32x_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 7914620 3e2d3b73ac9ff21b36c963fef6fbac32\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-ixp4xx_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 8853810 e1df6094cf944c4ddd3696d2fac13dda\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-rpc_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 4579622 498effbf28a88fdc9ebe47a33c711b6a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s3c2410_2.6.18.dfsg.1-13etch4_arm.deb\n Size/MD5 checksum: 5003752 52305b4a34dc1a77ddd6aaa47370176b\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 2965090 85d54d6c0d233c2b41b4b2fa6b258613\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 51524 69a8212893df07526b6b4934f0ddc1f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-hppa_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 51552 f609ed50c4d0b850679a0fbcfe842ed0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 189156 ce7c28e8eb2814e3ae57eeaf727cdf7d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 190072 a4b883240aaa377bf504cfbd1dedf592\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc64_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 189798 2c4f651075d727301c8d980520b469f6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-parisc64-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 190518 359439df087ee5657484ccc0c212dddc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 10498964 89b3c4a8a1e248f537cbd19492fa809a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 10940750 ba06ca7732dfbd11885530113adb9503\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc64_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 11346730 88376e832d7108b10f642e30c62d486f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-parisc64-smp_2.6.18.dfsg.1-13etch4_hppa.deb\n Size/MD5 checksum: 11752568 46f4bb8a4b9ce9b6f18044a02bb0f9a1\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4_i386.deb\n Size/MD5 checksum: 5500882 34b990b6e91c480d2775d89e32ce437d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3165366 da8e35820741f11bb6294fdbcc744703\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-486_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 279522 329b2d702f32b3ad48bcb46d01f5314c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 276154 1b9448c7bd3bde437ab6a938064873f2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-686-bigmem_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 276660 ca56f56b7a8976014f98def299592fd4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51520 ded0b906ba23835ab08bcd9c50f86485\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-i386_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51572 ca29d913506d4605c548b40f09142e82\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 269976 318af48160923c29422b31d73f91ade4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 275906 8d7f6f03ca00393f3965dcdfcda00774\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3051664 1c1d62ef7db29003ad4f1da99a24b65f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 275268 de725a7b4623d4219793b20be56db881\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 275234 eda8fbe5a6db4c9b64883ef2834ac829\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3145888 12bcb2f8010a245ae7af452beb1cc290\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 270752 2db897f2a802eeac160af8c267b9c6eb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 3168122 85b2b60232ede47e610634ccd71bbca1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 271024 6da5e709b3c9923966197d95c4b23610\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-486_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16170710 9109283c0e49d2968b5f36af7958b671\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16319840 6b800f593454b8683d0f8cfd169fc96a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-686-bigmem_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16385948 4498832b220546242c2a3ac1190fa2e1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16816550 409ac0482522377d01a9d28bf31beeb0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16451472 fcfc3df511cdb7264dd4346e2ba2c3f6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16360708 2a35e8f6dc5c09730e3465ede7fc04e0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-k7_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 16489340 a4834981ad3f1b2971d06900efb7a3e8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 1297094 1140c4de7a2041e507b9cc4b3eb985c8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 1324284 e0c75d7db0af2edd6f01ffcde6c05773\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 14259342 3a401200f009a80f6fd7a7f7e74e2c45\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 14273216 0b06968bd3d0125595fda63d641ed24a\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51496 f517e965c35f6b850678088d29741dc4\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-686_2.6.18.dfsg.1-13etch4_i386.deb\n Size/MD5 checksum: 51510 46c0d9815c13f36668c46565c82f5dac\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.18-1um-2etch.13etch4_i386.deb\n Size/MD5 checksum: 25581732 39fc9a71734345a268001c668cc515e1\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 3079236 a4638eccc104fc8c61966eac89a18deb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 51516 fd1c5d4d5487b8432df36711e51dd655\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-ia64_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 51542 4f886289d99750be07d1ab6ed9c88f75\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-itanium_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 252570 974a03c2e115156ff57847e6776dc438\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-mckinley_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 252544 6c039f749900e30cec4f1746b6f0acc9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-itanium_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 28007402 6299af0cd9fee918dc384cf8f711a00f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-mckinley_2.6.18.dfsg.1-13etch4_ia64.deb\n Size/MD5 checksum: 28177850 f877dd23c8eff90e7bb6c3a39fbcfcd8\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 3347246 7fbe627505d90cbd62218a18014f7e20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 51526 f0ccbbecc78db4ea8038dccd33df8477\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-mips_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 51572 f2f537ae2a1f6627d435e769e86d4fbb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 146994 21364f39fc4880f9270ef133fdcb7794\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r4k-ip22_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 157492 2e47f78046bcaa166da991809be35ae7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r5k-ip32_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 161744 62d0fe8e33c7f10d7d547dad25c0f3ab\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 180416 f94a5020e5238a7e64e88fe562d70860\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 180084 4041fea235b4152a45ffc4b160762a86\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 6091242 d577eb7d6dcd2dc0a69d05149483a953\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r4k-ip22_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 8271564 23d398483ff138b6491033c37c403cae\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r5k-ip32_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 9039450 eea022877f831c0a18d2a410d64f563a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 15637442 b405dad922461f2f3222ec5c4d8a037f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mips.deb\n Size/MD5 checksum: 15607876 b1f1f38893955a8b094a4810dcaea9cf\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 3347390 558a640988696187cefd9f8e14a92065\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 51524 933f69c20738341d7a2452afc7db91cb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-mipsel_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 51582 7b00aa29821ad438977c0dbd4ec0287c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 147114 8600c8ce1b9c638b85afd6ac21e76842\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r3k-kn02_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 153250 a6b9937ef3f786bef498f5c369b0d00d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r4k-kn04_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 153286 c6e8a5db9e1e8a56253fd37face7946c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-r5k-cobalt_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 175422 fd74b2b5ab09550132e1921823d62831\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 180244 825dceb4306471d260e39affdff163b0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 180136 d31f477892e5b04411f9cfc62e08f3a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-qemu_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 6025518 adfee8cd9e64705fc709f028b4fc2a17\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r3k-kn02_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 5937772 4dca97a5b95b72b7267679d268ff629f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r4k-kn04_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 5922552 87a2fdc06ba3bbdf6e20567a86b38cb8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-r5k-cobalt_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 9858294 ebc487d04ce63659d6911e446c45c6a8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1-bcm91250a_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 15053180 c721161996bfb8ba997c953c9e73ec8a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sb1a-bcm91480b_2.6.18.dfsg.1-13etch4_mipsel.deb\n Size/MD5 checksum: 15021258 3614d048fc8af68bc555858dbecce769\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/f/fai-kernels/fai-kernels_1.17+etch.13etch4_powerpc.deb\n Size/MD5 checksum: 3364372 0f765a61bef198aaf3ac3b30f77a8567\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 3389590 aab3e60601c4a6d0a72d11754ba056b1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 51526 88bffdc4698d42a1d85874ef5b13d714\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 51580 8b0e141d6b8ac75fbbccb9fd36943c8e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 248506 ce7f8ae35564cc5d97f9caa194835844\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc-miboot_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 226300 235f2fecca146c366ec5c1e34f5a04cf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc-smp_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 248866 6c7d90c1044851b6e708b2ccfb981853\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 249206 0290d0dfb75b421a2935851692636cd1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-prep_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 244256 3c6cf4f09ff614603b012ebbe482a15a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 3411920 edfc95ee1df72f739b32ffb7a069fdf4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 249132 155392e599b178cec9d8af983e335db1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 249934 1b799b09fe208d308c23fd6f5a7a4cde\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 16624172 afe39ff92b464bb3a39473b02c4329b1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc-miboot_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 15151294 c5ace72ce905c1283cf7a94a8c920d72\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc-smp_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 16961188 765b828b2c0b14cefbf46f871f162970\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 18291464 aebaa9b09032be8f562da28e522b9c0d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-prep_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 16397186 2a54060107b11d0164688acc2ba8de1c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-powerpc_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 17009942 36ccae1eb7d14dc8c27b2740b8f35481\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-powerpc64_2.6.18.dfsg.1-13etch4_powerpc.deb\n Size/MD5 checksum: 18341830 2efaade92def4590bcd87b795cdb8f57\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 2940424 c7f344ef4cb526aa545d03a5f9526849\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 51522 44760992fd3f18e5408902893325cf20\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-s390_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 51542 93d575c0a46c3c1b58b95aabfab3fdc8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-s390_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 140032 face1dcfd1a3375c03e92d9fa7bfde52\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 140490 43f1ff5cb4388a0c6c8d55beea438a4c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 2963482 3c8d8fd99d59bdab8123b4ccf0a71b16\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 141450 513f1c6678c58d94bf49d3992a431dd2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s390_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 5399154 d8c384e5aeab253abdc36c5b50655a88\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s390-tape_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 1435992 33ffcb2539743c0c3f3051ddf7adee8b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 5614894 58799b2825fcc98b92a64c097bfa946c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-s390x_2.6.18.dfsg.1-13etch4_s390.deb\n Size/MD5 checksum: 5659660 39eaba8923b1eba78f2ccdf615adcf64\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 3165560 e5c0b823ae957939f7709d0ca3d31a64\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 51530 6ab2303072194e3f673c90cfc0cf8781\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-sparc_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 51562 08ea17efc9d32d1c2fc26ad53824a221\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sparc32_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 162930 581248a51779959e78652ea9fc2c9ead\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 191876 f099a319d56bb3c964ec539a13306f0e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-sparc64-smp_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 192598 473d3ba3db45b0badc18a384b11488a4\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 3187862 5def64dd7a1ba241347108892210f357\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 193026 6adb99608f6c1a5109556ffe5697c485\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sparc32_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 6406814 08420a3fc961165cb6dc7976d0fcaa75\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 10353400 776cb8fee970fcb02649127deb43d753\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-sparc64-smp_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 10610728 a102932dd3087e8d03882e483ecd2890\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-sparc64_2.6.18.dfsg.1-13etch4_sparc.deb\n Size/MD5 checksum: 10656188 6a6e62e1f1b56d4a7ca33ef925e6aa0a\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ etch/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 20, "modified": "2007-10-12T00:00:00", "published": "2007-10-12T00:00:00", "id": "DEBIAN:DSA-1381-2:956ED", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00159.html", "title": "[SECURITY] [DSA 1381-2] New Linux 2.6.18 packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:50:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-4311", "CVE-2007-1353", "CVE-2006-4814", "CVE-2007-6151", "CVE-2004-2731", "CVE-2006-6106", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-1592", "CVE-2006-6053", "CVE-2007-6206", "CVE-2006-5753", "CVE-2006-5823", "CVE-2007-6694", "CVE-2007-2525", "CVE-2007-6063"], "description": "The remote host is missing an update to kernel-source-2.4.27 (2.4.27-10sarge7)\nannounced via advisory DSA 1503-2.", "modified": "2017-07-07T00:00:00", "published": "2008-03-11T00:00:00", "id": "OPENVAS:60498", "href": "http://plugins.openvas.org/nasl.php?oid=60498", "type": "openvas", "title": "Debian Security Advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7))", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1503_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7))\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several local and remote vulnerabilities have been discovered in the Linux\nkernel that may lead to a denial of service or the execution of arbitrary\ncode.\n\nThe package versions referenced in the initial DSA-1503 advisory\nintroduced a regression that can cause hangs on systems that make use of\nthe ext2 filesystem. The regression has been resolved in the package\nversions referenced by this updated advisory.\n\nFor details, please visit the referenced security advisories.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\nDebian 3.1 (sarge)\nalsa-modules-i386 1.0.8+2sarge2\nfai-kernels 1.9.1sarge9\nkernel-image-2.4.27-arm 2.4.27-2sarge7\nkernel-image-2.4.27-m68k 2.4.27-3sarge7\nkernel-image-speakup-i386 2.4.27-1.1sarge6\nkernel-image-2.4.27-alpha 2.4.27-10sarge7\nkernel-image-2.4.27-s390 2.4.27-2sarge7\nkernel-image-2.4.27-sparc 2.4.27-9sarge7\nkernel-image-2.4.27-i386 2.4.27-10sarge7\nkernel-image-2.4.27-ia64 2.4.27-10sarge7\nkernel-patch-2.4.27-mips 2.4.27-10.sarge4.040815-4\nkernel-patch-powerpc-2.4.27 2.4.27-10sarge7\nkernel-latest-2.4-alpha 101sarge3\nkernel-latest-2.4-i386 101sarge2\nkernel-latest-2.4-s390 2.4.27-1sarge2\nkernel-latest-2.4-sparc 42sarge3\ni2c 1:2.9.1-1sarge2\nlm-sensors 1:2.9.1-1sarge4\nmindi-kernel 2.4.27-2sarge6\npcmcia-modules-2.4.27-i386 3.2.5+2sarge2\nhostap-modules-i386 1:0.3.7-1sarge3\nsystemimager 3.2.3-6sarge6\n\nWe recommend that you upgrade your kernel package immediately and reboot\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.27 (2.4.27-10sarge7)\nannounced via advisory DSA 1503-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201503-2\";\n\n\nif(description)\n{\n script_id(60498);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-03-11 21:16:32 +0100 (Tue, 11 Mar 2008)\");\n script_cve_id(\"CVE-2004-2731\", \"CVE-2006-4814\", \"CVE-2006-5753\", \"CVE-2006-5823\", \"CVE-2006-6053\", \"CVE-2006-6054\", \"CVE-2006-6106\", \"CVE-2007-1353\", \"CVE-2007-1592\", \"CVE-2007-2172\", \"CVE-2007-2525\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-4311\", \"CVE-2007-5093\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2007-6694\", \"CVE-2008-0007\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1503-2 (kernel-source-2.4.27 (2.4.27-10sarge7))\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"systemimager-server-flamethrowerd\", ver:\"3.2.3-6sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-boot-i386-standard\", ver:\"3.2.3-6sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.27\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-server\", ver:\"3.2.3-6sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-boot-ia64-standard\", ver:\"3.2.3-6sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-debian-2.4.27\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-doc\", ver:\"3.2.3-6sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-tree-2.4.27\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.27\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-client\", ver:\"3.2.3-6sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-common\", ver:\"3.2.3-6sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.27-speakup\", ver:\"2.4.27-1.1sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-source\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4-i2c\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4-lm-sensors\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-source\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-generic\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-4\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-generic\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mips-tools\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-generic\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-smp\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-generic\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-smp\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsensors-dev\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsensors3\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sensord\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-bast\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-riscstation\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-lart\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-riscpc\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-netwinder\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-586tsc\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-386\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-686\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-586tsc\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-686-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-k6\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-686\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-k7\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-686-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-686-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-386\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-k7\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-speakup\", ver:\"2.4.27-1.1sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-k6\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"fai-kernels\", ver:\"1.9.1sarge9\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-686\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-k7-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-k7-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-386\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-k7-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-k6\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-586tsc\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-speakup\", ver:\"2.4.27-1.1sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-k7\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mindi-kernel\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4-386\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4-586tsc\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4-686\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4-686-smp\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4-k6\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4-k7\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4-k7-smp\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-3-386\", ver:\"1.0.8+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-3-586tsc\", ver:\"1.0.8+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-3-686\", ver:\"1.0.8+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-3-686-smp\", ver:\"1.0.8+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-3-k6\", ver:\"1.0.8+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-3-k7\", ver:\"1.0.8+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-3-k7-smp\", ver:\"1.0.8+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-4-386\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-4-586tsc\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-4-686\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-4-686-smp\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-4-k6\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-4-k7\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"alsa-modules-2.4.27-4-k7-smp\", ver:\"1.0.8+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-386\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-586tsc\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-686\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-686-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-k6\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-k7\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-k7-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-386\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-586tsc\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-686\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-686-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-k6\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-k7\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-k7-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-386\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-586tsc\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-686\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-686-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-k6\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-k7\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-k7-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-3-386\", ver:\"2.9.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-3-586tsc\", ver:\"2.9.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-3-686\", ver:\"2.9.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-3-686-smp\", ver:\"2.9.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-3-k6\", ver:\"2.9.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-3-k7\", ver:\"2.9.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-3-k7-smp\", ver:\"2.9.1-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-386\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-586tsc\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-686\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-686-smp\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-k6\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-k7\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-k7-smp\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-2-386\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-2-586tsc\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-2-686\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-2-686-smp\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-2-k6\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-2-k7\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-2-k7-smp\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-3-386\", ver:\"2.9.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-3-586tsc\", ver:\"2.9.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-3-686\", ver:\"2.9.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-3-686-smp\", ver:\"2.9.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-3-k6\", ver:\"2.9.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-3-k7\", ver:\"2.9.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-3-k7-smp\", ver:\"2.9.1-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-386\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-586tsc\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-686\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-686-smp\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-k6\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-k7\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-k7-smp\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-3-386\", ver:\"3.2.5+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-3-586tsc\", ver:\"3.2.5+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-3-686\", ver:\"3.2.5+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-3-686-smp\", ver:\"3.2.5+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-3-k6\", ver:\"3.2.5+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-3-k7\", ver:\"3.2.5+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-3-k7-smp\", ver:\"3.2.5+2sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-386\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-586tsc\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-686\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-686-smp\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-k6\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-k7\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-k7-smp\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-3-386\", ver:\"0.3.7-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-3-586tsc\", ver:\"0.3.7-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-3-686\", ver:\"0.3.7-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-3-686-smp\", ver:\"0.3.7-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-3-k6\", ver:\"0.3.7-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-3-k7\", ver:\"0.3.7-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-3-k7-smp\", ver:\"0.3.7-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-386\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-586tsc\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-686\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-686-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-k6\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-k7\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-k7-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-3-386\", ver:\"0.3.7-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-3-686\", ver:\"0.3.7-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-3-686-smp\", ver:\"0.3.7-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-3-k7\", ver:\"0.3.7-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-3-k7-smp\", ver:\"0.3.7-1sarge1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-386\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-686\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-686-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-k7\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-k7-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-mckinley\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-itanium-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-mckinley-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-itanium-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-itanium-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-itanium\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-itanium\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-itanium\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-mckinley-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-mckinley-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-mckinley\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-mckinley\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-mvme16x\", ver:\"2.4.27-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-mac\", ver:\"2.4.27-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-atari\", ver:\"2.4.27-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-mvme147\", ver:\"2.4.27-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-q40\", ver:\"2.4.27-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-amiga\", ver:\"2.4.27-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-bvme6000\", ver:\"2.4.27-3sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-sb1-swarm-bn\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r5k-ip22\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r4k-ip22\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r5k-cobalt\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r5k-lasat\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-xxs1500\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r3k-kn02\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r4k-kn04\", ver:\"2.4.27-10.sarge4.040815-4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-powerpc\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-powerpc-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-apus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-powerpc-small\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-powerpc\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.27-powerpc\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.27-nubus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-apus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.27-apus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-nubus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-nubus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-powerpc-smp\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-powerpc\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-powerpc-small\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-apus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-nubus\", ver:\"2.4.27-10sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-s390-tape\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-s390x\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-s390\", ver:\"2.4.27-2sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-s390\", ver:\"2.4.27-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-s390\", ver:\"2.4.27-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-s390x\", ver:\"2.4.27-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc32\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc32\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc64\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc32-smp\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc64-smp\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc32-smp\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc64-smp\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc64\", ver:\"2.4.27-9sarge7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc32\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc32-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc64\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc64-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc32\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc32-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc64\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc64-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2006-6054", "CVE-2007-3848", "CVE-2007-4311", "CVE-2007-1353", "CVE-2006-4814", "CVE-2007-6151", "CVE-2004-2731", "CVE-2006-6106", "CVE-2007-5093", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-1592", "CVE-2006-6053", "CVE-2007-6206", "CVE-2006-5753", "CVE-2006-5823", "CVE-2007-6694", "CVE-2007-2525", "CVE-2007-6063"], "description": "The remote host is missing an update to kernel-source-2.4.27 (2.4.27-10sarge6)\nannounced via advisory DSA 1503-1.", "modified": "2017-07-07T00:00:00", "published": "2008-02-28T00:00:00", "id": "OPENVAS:60437", "href": "http://plugins.openvas.org/nasl.php?oid=60437", "type": "openvas", "title": "Debian Security Advisory DSA 1503-1 (kernel-source-2.4.27 (2.4.27-10sarge6))", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1503_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1503-1 (kernel-source-2.4.27 (2.4.27-10sarge6))\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several local and remote vulnerabilities have been discovered in the Linux\nkernel that may lead to a denial of service or the execution of arbitrary\ncode. For complete details, please visit the referenced security\nadvisories.\n\nThe following matrix lists additional packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\nDebian 3.1 (sarge)\nalsa-modules-i386 1.0.8+2sarge2\nkernel-image-2.4.27-arm 2.4.27-2sarge6\nkernel-image-2.4.27-m68k 2.4.27-3sarge6\nkernel-image-speakup-i386 2.4.27-1.1sarge5\nkernel-image-2.4.27-alpha 2.4.27-10sarge6\nkernel-image-2.4.27-s390 2.4.27-2sarge6\nkernel-image-2.4.27-sparc 2.4.27-9sarge6\nkernel-image-2.4.27-i386 2.4.27-10sarge6\nkernel-image-2.4.27-ia64 2.4.27-10sarge6\nkernel-patch-2.4.27-mips 2.4.27-10.sarge4.040815-3\nkernel-patch-powerpc-2.4.27 2.4.27-10sarge6\nkernel-latest-2.4-alpha 101sarge3\nkernel-latest-2.4-i386 101sarge2\nkernel-latest-2.4-s390 2.4.27-1sarge2\nkernel-latest-2.4-sparc 42sarge3\ni2c 1:2.9.1-1sarge2\nlm-sensors 1:2.9.1-1sarge4\nmindi-kernel 2.4.27-2sarge5\npcmcia-modules-2.4.27-i386 3.2.5+2sarge2\nhostap-modules-i386 1:0.3.7-1sarge3\nsystemimager 3.2.3-6sarge5\n\nWe recommend that you upgrade your kernel package immediately and reboot\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.27 (2.4.27-10sarge6)\nannounced via advisory DSA 1503-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201503-1\";\n\n\nif(description)\n{\n script_id(60437);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-28 02:09:28 +0100 (Thu, 28 Feb 2008)\");\n script_cve_id(\"CVE-2004-2731\", \"CVE-2006-4814\", \"CVE-2006-5753\", \"CVE-2006-5823\", \"CVE-2006-6053\", \"CVE-2006-6054\", \"CVE-2006-6106\", \"CVE-2007-1353\", \"CVE-2007-1592\", \"CVE-2007-2172\", \"CVE-2007-2525\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-4311\", \"CVE-2007-5093\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2007-6694\", \"CVE-2008-0007\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1503-1 (kernel-source-2.4.27 (2.4.27-10sarge6))\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"i2c-source\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.27-speakup\", ver:\"2.4.27-1.1sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-server\", ver:\"3.2.3-6sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-debian-2.4.27\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4-lm-sensors\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-tree-2.4.27\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.27\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-client\", ver:\"3.2.3-6sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-server-flamethrowerd\", ver:\"3.2.3-6sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-boot-ia64-standard\", ver:\"3.2.3-6sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4-i2c\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.27\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-doc\", ver:\"3.2.3-6sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-source\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-boot-i386-standard\", ver:\"3.2.3-6sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"systemimager-common\", ver:\"3.2.3-6sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-generic\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-generic\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-4\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mips-tools\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-generic\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-smp\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-smp\", ver:\"101sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-generic\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-bast\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-lart\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-riscpc\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-netwinder\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-riscstation\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-k7\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-386\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-k7-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-k7\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-686\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-k7\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-speakup\", ver:\"2.4.27-1.1sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-386\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-686\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-k7-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-386\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-586tsc\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-k6\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-k7-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-686\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-686\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-k6\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-386\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-k7-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-586tsc\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-686-smp\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsensors3\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-586tsc\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-686\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-386\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-k6\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-686-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-386\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-k7-smp\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-686-smp\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-686\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-586tsc\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-686-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-k7\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-686-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-k6\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-686-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-586tsc\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-686-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-686-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-586tsc\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-k7-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-speakup\", ver:\"2.4.27-1.1sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-686\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-386\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-k7\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-k7\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-686-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-k7-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-k7\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-k6\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-k6\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.6.8-4-386\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-k7\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-k7-smp\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-686\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-686\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-k7-smp\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-686\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsensors-dev\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-586tsc\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-k7\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-k6\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-k7\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4-k6\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-k6\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-686\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-k7\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-386\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors-2.4.27-4-586tsc\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mindi-kernel\", ver:\"2.4.27-2sarge5\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.27-4-k6\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"i2c-2.4.27-4-586tsc\", ver:\"2.9.1-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-686-smp\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-686-smp\", ver:\"101sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lm-sensors\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-386\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sensord\", ver:\"2.9.1-1sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-k7-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"hostap-modules-2.4.27-4-k7-smp\", ver:\"0.3.7-1sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.4.27-4-386\", ver:\"3.2.5+2sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-586tsc\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-mckinley-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-mckinley-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-itanium\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-mckinley\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-itanium\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-mckinley\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-itanium-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-itanium-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-mckinley\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-mckinley-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-itanium-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-itanium\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-amiga\", ver:\"2.4.27-3sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-mac\", ver:\"2.4.27-3sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-mvme16x\", ver:\"2.4.27-3sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-mvme147\", ver:\"2.4.27-3sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-bvme6000\", ver:\"2.4.27-3sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-atari\", ver:\"2.4.27-3sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-q40\", ver:\"2.4.27-3sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r5k-ip22\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-sb1-swarm-bn\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r4k-ip22\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r5k-lasat\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r5k-cobalt\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-xxs1500\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r4k-kn04\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-r3k-kn02\", ver:\"2.4.27-10.sarge4.040815-3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-powerpc-small\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-powerpc-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-nubus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-powerpc\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.27-powerpc\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.27-nubus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-powerpc\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-apus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-nubus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.27-apus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-apus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-apus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-powerpc-smp\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-nubus\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-powerpc\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-build-2.4.27-powerpc-small\", ver:\"2.4.27-10sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-s390-tape\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-s390x\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-s390\", ver:\"2.4.27-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-s390x\", ver:\"2.4.27-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-s390\", ver:\"2.4.27-2sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-s390\", ver:\"2.4.27-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc64-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc32-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc32\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4-sparc64\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc32-smp\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc32\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc64\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc64-smp\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc64-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.27-4-sparc32-smp\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc32\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc32-smp\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc64\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc64\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4-sparc32\", ver:\"42sarge3\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.27-4-sparc64-smp\", ver:\"2.4.27-9sarge6\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:41:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": "Check for the Version of kernel", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880316", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880316", "type": "openvas", "title": "CentOS Update for kernel CESA-2007:1049 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2007:1049 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n A flaw was found in the handling of process death signals. This allowed a\n local user to send arbitrary signals to the suid-process executed by that\n user. A successful exploitation of this flaw depends on the structure of\n the suid-program and its signal handling. (CVE-2007-3848, Important)\n \n A flaw was found in the IPv4 forwarding base. This allowed a local user to\n cause a denial of service. (CVE-2007-2172, Important) \n \n A flaw was found where a corrupted executable file could cause cross-region\n memory mappings on Itanium systems. This allowed a local user to cause a\n denial of service. (CVE-2006-4538, Moderate) \n \n A flaw was found in the stack expansion when using the hugetlb kernel on\n PowerPC systems. This allowed a local user to cause a denial of service.\n (CVE-2007-3739, Moderate) \n \n A flaw was found in the aacraid SCSI driver. This allowed a local user to\n make ioctl calls to the driver that should be restricted to privileged\n users. (CVE-2007-4308, Moderate) \n \n As well, these updated packages fix the following bug:\n \n * a bug in the TCP header prediction code may have caused "TCP: Treason\n uncloaked!" messages to be logged. In certain situations this may have lead\n to TCP connections hanging or aborting.\n \n Red Hat Enterprise Linux 3 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2007-December/014479.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880316\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:31:09 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2007:1049\");\n script_cve_id(\"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2007-3739\", \"CVE-2007-4308\");\n script_name( \"CentOS Update for kernel CESA-2007:1049 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880320", "href": "http://plugins.openvas.org/nasl.php?oid=880320", "type": "openvas", "title": "CentOS Update for kernel CESA-2007:1049 centos3 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2007:1049 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n A flaw was found in the handling of process death signals. This allowed a\n local user to send arbitrary signals to the suid-process executed by that\n user. A successful exploitation of this flaw depends on the structure of\n the suid-program and its signal handling. (CVE-2007-3848, Important)\n \n A flaw was found in the IPv4 forwarding base. This allowed a local user to\n cause a denial of service. (CVE-2007-2172, Important) \n \n A flaw was found where a corrupted executable file could cause cross-region\n memory mappings on Itanium systems. This allowed a local user to cause a\n denial of service. (CVE-2006-4538, Moderate) \n \n A flaw was found in the stack expansion when using the hugetlb kernel on\n PowerPC systems. This allowed a local user to cause a denial of service.\n (CVE-2007-3739, Moderate) \n \n A flaw was found in the aacraid SCSI driver. This allowed a local user to\n make ioctl calls to the driver that should be restricted to privileged\n users. (CVE-2007-4308, Moderate) \n \n As well, these updated packages fix the following bug:\n \n * a bug in the TCP header prediction code may have caused "TCP: Treason\n uncloaked!" messages to be logged. In certain situations this may have lead\n to TCP connections hanging or aborting.\n \n Red Hat Enterprise Linux 3 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2007-December/014480.html\");\n script_id(880320);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:31:09 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2007:1049\");\n script_cve_id(\"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2007-3739\", \"CVE-2007-4308\");\n script_name( \"CentOS Update for kernel CESA-2007:1049 centos3 x86_64\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:38:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": "Check for the Version of kernel", "modified": "2018-04-06T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:1361412562310880320", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880320", "type": "openvas", "title": "CentOS Update for kernel CESA-2007:1049 centos3 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2007:1049 centos3 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n A flaw was found in the handling of process death signals. This allowed a\n local user to send arbitrary signals to the suid-process executed by that\n user. A successful exploitation of this flaw depends on the structure of\n the suid-program and its signal handling. (CVE-2007-3848, Important)\n \n A flaw was found in the IPv4 forwarding base. This allowed a local user to\n cause a denial of service. (CVE-2007-2172, Important) \n \n A flaw was found where a corrupted executable file could cause cross-region\n memory mappings on Itanium systems. This allowed a local user to cause a\n denial of service. (CVE-2006-4538, Moderate) \n \n A flaw was found in the stack expansion when using the hugetlb kernel on\n PowerPC systems. This allowed a local user to cause a denial of service.\n (CVE-2007-3739, Moderate) \n \n A flaw was found in the aacraid SCSI driver. This allowed a local user to\n make ioctl calls to the driver that should be restricted to privileged\n users. (CVE-2007-4308, Moderate) \n \n As well, these updated packages fix the following bug:\n \n * a bug in the TCP header prediction code may have caused "TCP: Treason\n uncloaked!" messages to be logged. In certain situations this may have lead\n to TCP connections hanging or aborting.\n \n Red Hat Enterprise Linux 3 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2007-December/014480.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880320\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:31:09 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2007:1049\");\n script_cve_id(\"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2007-3739\", \"CVE-2007-4308\");\n script_name( \"CentOS Update for kernel CESA-2007:1049 centos3 x86_64\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-09T11:39:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": "Check for the Version of kernel", "modified": "2018-04-06T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:1361412562310870197", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870197", "type": "openvas", "title": "RedHat Update for kernel RHSA-2007:1049-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2007:1049-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n A flaw was found in the handling of process death signals. This allowed a\n local user to send arbitrary signals to the suid-process executed by that\n user. A successful exploitation of this flaw depends on the structure of\n the suid-program and its signal handling. (CVE-2007-3848, Important)\n \n A flaw was found in the IPv4 forwarding base. This allowed a local user to\n cause a denial of service. (CVE-2007-2172, Important) \n \n A flaw was found where a corrupted executable file could cause cross-region\n memory mappings on Itanium systems. This allowed a local user to cause a\n denial of service. (CVE-2006-4538, Moderate) \n \n A flaw was found in the stack expansion when using the hugetlb kernel on\n PowerPC systems. This allowed a local user to cause a denial of service.\n (CVE-2007-3739, Moderate) \n \n A flaw was found in the aacraid SCSI driver. This allowed a local user to\n make ioctl calls to the driver that should be restricted to privileged\n users. (CVE-2007-4308, Moderate) \n \n As well, these updated packages fix the following bug:\n \n * a bug in the TCP header prediction code may have caused "TCP: Treason\n uncloaked!" messages to be logged. In certain situations this may have lead\n to TCP connections hanging or aborting.\n \n Red Hat Enterprise Linux 3 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2007-December/msg00000.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870197\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2007:1049-01\");\n script_cve_id(\"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2007-3739\", \"CVE-2007-4308\");\n script_name( \"RedHat Update for kernel RHSA-2007:1049-01\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": "Check for the Version of kernel", "modified": "2017-07-12T00:00:00", "published": "2009-03-06T00:00:00", "id": "OPENVAS:870197", "href": "http://plugins.openvas.org/nasl.php?oid=870197", "type": "openvas", "title": "RedHat Update for kernel RHSA-2007:1049-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2007:1049-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n A flaw was found in the handling of process death signals. This allowed a\n local user to send arbitrary signals to the suid-process executed by that\n user. A successful exploitation of this flaw depends on the structure of\n the suid-program and its signal handling. (CVE-2007-3848, Important)\n \n A flaw was found in the IPv4 forwarding base. This allowed a local user to\n cause a denial of service. (CVE-2007-2172, Important) \n \n A flaw was found where a corrupted executable file could cause cross-region\n memory mappings on Itanium systems. This allowed a local user to cause a\n denial of service. (CVE-2006-4538, Moderate) \n \n A flaw was found in the stack expansion when using the hugetlb kernel on\n PowerPC systems. This allowed a local user to cause a denial of service.\n (CVE-2007-3739, Moderate) \n \n A flaw was found in the aacraid SCSI driver. This allowed a local user to\n make ioctl calls to the driver that should be restricted to privileged\n users. (CVE-2007-4308, Moderate) \n \n As well, these updated packages fix the following bug:\n \n * a bug in the TCP header prediction code may have caused "TCP: Treason\n uncloaked!" messages to be logged. In certain situations this may have lead\n to TCP connections hanging or aborting.\n \n Red Hat Enterprise Linux 3 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 3,\n Red Hat Enterprise Linux ES version 3,\n Red Hat Enterprise Linux WS version 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2007-December/msg00000.html\");\n script_id(870197);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-06 07:30:35 +0100 (Fri, 06 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2007:1049-01\");\n script_cve_id(\"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2007-3739\", \"CVE-2007-4308\");\n script_name( \"RedHat Update for kernel RHSA-2007:1049-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~53.EL\", rls:\"RHENT_3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:880316", "href": "http://plugins.openvas.org/nasl.php?oid=880316", "type": "openvas", "title": "CentOS Update for kernel CESA-2007:1049 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2007:1049 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n A flaw was found in the handling of process death signals. This allowed a\n local user to send arbitrary signals to the suid-process executed by that\n user. A successful exploitation of this flaw depends on the structure of\n the suid-program and its signal handling. (CVE-2007-3848, Important)\n \n A flaw was found in the IPv4 forwarding base. This allowed a local user to\n cause a denial of service. (CVE-2007-2172, Important) \n \n A flaw was found where a corrupted executable file could cause cross-region\n memory mappings on Itanium systems. This allowed a local user to cause a\n denial of service. (CVE-2006-4538, Moderate) \n \n A flaw was found in the stack expansion when using the hugetlb kernel on\n PowerPC systems. This allowed a local user to cause a denial of service.\n (CVE-2007-3739, Moderate) \n \n A flaw was found in the aacraid SCSI driver. This allowed a local user to\n make ioctl calls to the driver that should be restricted to privileged\n users. (CVE-2007-4308, Moderate) \n \n As well, these updated packages fix the following bug:\n \n * a bug in the TCP header prediction code may have caused "TCP: Treason\n uncloaked!" messages to be logged. In certain situations this may have lead\n to TCP connections hanging or aborting.\n \n Red Hat Enterprise Linux 3 users are advised to upgrade to these updated\n packages, which contain backported patches to resolve these issues.\";\n\ntag_affected = \"kernel on CentOS 3\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2007-December/014479.html\");\n script_id(880316);\n script_version(\"$Revision: 6651 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 08:31:09 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2007:1049\");\n script_cve_id(\"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2006-4538\", \"CVE-2007-3739\", \"CVE-2007-4308\");\n script_name( \"CentOS Update for kernel CESA-2007:1049 centos3 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-unsupported\", rpm:\"kernel-hugemem-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-unsupported\", rpm:\"kernel-smp-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-unsupported\", rpm:\"kernel-unsupported~2.4.21~53.EL\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "description": "The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0001-01.", "modified": "2017-07-10T00:00:00", "published": "2009-02-10T00:00:00", "id": "OPENVAS:63344", "href": "http://plugins.openvas.org/nasl.php?oid=63344", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0001-01 (kernel)", "sourceData": "#CESA-2009:0001-01 63344 1\n# $Id: ovcesa2009_0001_01.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0001-01 (kernel)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0001-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0001\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to kernel announced in\nadvisory CESA-2009:0001-01.\";\n\n\n\nif(description)\n{\n script_id(63344);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:0001-01 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880937", "href": "http://plugins.openvas.org/nasl.php?oid=880937", "type": "openvas", "title": "CentOS Update for kernel CESA-2009:0001-01 centos2 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2009:0001-01 centos2 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n These updated packages fix the following security issues:\n \n * a flaw was found in the IPv4 forwarding base. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2007-2172,\n Important)\n \n * a flaw was found in the handling of process death signals. This allowed a\n local, unprivileged user to send arbitrary signals to the suid-process\n executed by that user. Successful exploitation of this flaw depends on the\n structure of the suid-program and its signal handling. (CVE-2007-3848,\n Important)\n \n * when accessing kernel memory locations, certain Linux kernel drivers\n registering a fault handler did not perform required range checks. A local,\n unprivileged user could use this flaw to gain read or write access to\n arbitrary kernel memory, or possibly cause a denial of service.\n (CVE-2008-0007, Important)\n \n * a possible kernel memory leak was found in the Linux kernel Simple\n Internet Transition (SIT) INET6 implementation. This could allow a local,\n unprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n \n * missing capability checks were found in the SBNI WAN driver which could\n allow a local, unprivileged user to bypass intended capability\n restrictions. (CVE-2008-3525, Important)\n \n * a flaw was found in the way files were written using truncate() or\n ftruncate(). This could allow a local, unprivileged user to acquire the\n privileges of a different group and obtain access to sensitive information.\n (CVE-2008-4210, Important)\n \n * a race condition in the mincore system core allowed a local, unprivileged\n user to cause a denial of service. (CVE-2006-4814, Moderate)\n \n * a flaw was found in the aacraid SCSI driver. This allowed a local,\n unprivileged user to make ioctl calls to the driver which should otherwise\n be restricted to privileged users. (CVE-2007-4308, Moderate)\n \n * two buffer overflow flaws were found in the Integrated Services Digital\n Network (ISDN) subsystem. A local, unprivileged user could use these flaws\n to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n \n * a flaw was found in the way core dump files were created. If a local,\n unprivileged user could make a root-owned process dump a core file into a\n user-writable directory, the user could gain read access to that core file,\n potentially compromising sensitive information. (CVE-2007-6206, Moderate)\n \n * a deficiency was found in the Linux kernel virtual file system (VFS)\n implementation. This could allow a local, unprivileged ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 2\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-February/015576.html\");\n script_id(880937);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2009:0001-01\");\n script_cve_id(\"CVE-2006-4814\", \"CVE-2007-2172\", \"CVE-2007-3848\", \"CVE-2007-4308\", \n \"CVE-2007-6063\", \"CVE-2007-6151\", \"CVE-2007-6206\", \"CVE-2008-0007\", \n \"CVE-2008-2136\", \"CVE-2008-3275\", \"CVE-2008-3525\", \"CVE-2008-4210\");\n script_name(\"CentOS Update for kernel CESA-2009:0001-01 centos2 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-BOOT\", rpm:\"kernel-BOOT~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-enterprise\", rpm:\"kernel-enterprise~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-summit\", rpm:\"kernel-summit~2.4.9~e.74\", rls:\"CentOS2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-10-03T11:48:19", "description": "The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error.", "edition": 3, "cvss3": {}, "published": "2006-11-22T01:07:00", "title": "CVE-2006-6058", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-6058"], "modified": "2018-10-30T16:25:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.20.9", "cpe:/o:linux:linux_kernel:2.6.18.1", "cpe:/o:linux:linux_kernel:2.6.22.3", "cpe:/o:linux:linux_kernel:2.6.19.1", "cpe:/o:linux:linux_kernel:2.6.16.4", "cpe:/o:linux:linux_kernel:2.6.16.15", "cpe:/o:linux:linux_kernel:2.6.15.2", "cpe:/o:linux:linux_kernel:2.6.16.3", "cpe:/o:linux:linux_kernel:2.6.23.1", "cpe:/o:linux:linux_kernel:2.6.21", "cpe:/o:linux:linux_kernel:2.6.14.4", "cpe:/o:linux:linux_kernel:2.6.16.20", "cpe:/o:linux:linux_kernel:2.6.4", "cpe:/o:linux:linux_kernel:2.6.22.16", "cpe:/o:linux:linux_kernel:2.6.16.9", "cpe:/o:linux:linux_kernel:2.6.16.10", "cpe:/o:linux:linux_kernel:2.6.11.7", "cpe:/o:linux:linux_kernel:2.6.11.8", "cpe:/o:linux:linux_kernel:2.6.12.3", "cpe:/o:linux:linux_kernel:2.6.14.1", "cpe:/o:linux:linux_kernel:2.6.14.7", "cpe:/o:linux:linux_kernel:2.6.16.22", "cpe:/o:linux:linux_kernel:2.6.16.5", "cpe:/o:linux:linux_kernel:2.6.23.2", "cpe:/o:linux:linux_kernel:2.6.12", "cpe:/o:linux:linux_kernel:2.6.8", "cpe:/o:linux:linux_kernel:2.6.21.1", "cpe:/o:linux:linux_kernel:2.6.1", "cpe:/o:linux:linux_kernel:2.6.23.9", "cpe:/o:linux:linux_kernel:2.6.23.14", "cpe:/o:linux:linux_kernel:2.6.16.18", "cpe:/o:linux:linux_kernel:2.6.22.1", "cpe:/o:linux:linux_kernel:2.6.15.7", "cpe:/o:linux:linux_kernel:2.6.17.11", "cpe:/o:linux:linux_kernel:2.6.14", "cpe:/o:linux:linux_kernel:2.6.16.29", "cpe:/o:linux:linux_kernel:2.6.16.27", "cpe:/o:linux:linux_kernel:2.6.11.2", "cpe:/o:linux:linux_kernel:2.6.17.2", "cpe:/o:linux:linux_kernel:2.6.11.11", "cpe:/o:linux:linux_kernel:2.6.16.21", "cpe:/o:linux:linux_kernel:2.6.23", "cpe:/o:linux:linux_kernel:2.6.19", "cpe:/o:linux:linux_kernel:2.6.12.5", "cpe:/o:linux:linux_kernel:2.6.17.1", "cpe:/o:linux:linux_kernel:2.6.16.30", "cpe:/o:linux:linux_kernel:2.6.20.15", "cpe:/o:linux:linux_kernel:2.6.13", "cpe:/o:linux:linux_kernel:2.6.11.9", "cpe:/o:linux:linux_kernel:2.6.14.5", "cpe:/o:linux:linux_kernel:2.6.20.11", "cpe:/o:linux:linux_kernel:2.6.23.6", "cpe:/o:linux:linux_kernel:2.6.15.6", "cpe:/o:linux:linux_kernel:2.6.19.2", "cpe:/o:linux:linux_kernel:2.6.17.10", "cpe:/o:linux:linux_kernel:2.6.16.19", "cpe:/o:linux:linux_kernel:2.6.15.1", "cpe:/o:linux:linux_kernel:2.6.23.7", "cpe:/o:linux:linux_kernel:2.6.20", "cpe:/o:linux:linux_kernel:2.6.22.7", "cpe:/o:linux:linux_kernel:2.6.16.14", "cpe:/o:linux:linux_kernel:2.6.22.4", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.6.20.8", "cpe:/o:linux:linux_kernel:2.6.3", "cpe:/o:linux:linux_kernel:2.6.14.2", "cpe:/o:linux:linux_kernel:2.6.11.10", "cpe:/o:linux:linux_kernel:2.6.16.12", "cpe:/o:linux:linux_kernel:2.6.23.5", "cpe:/o:linux:linux_kernel:2.6.20.14", "cpe:/o:linux:linux_kernel:2.6.17.13", "cpe:/o:linux:linux_kernel:2.6.6", "cpe:/o:linux:linux_kernel:2.6.20.12", "cpe:/o:linux:linux_kernel:2.6.12.1", "cpe:/o:linux:linux_kernel:2.6.20.3", "cpe:/o:linux:linux_kernel:2.6.16.8", "cpe:/o:linux:linux_kernel:2.6.16.25", "cpe:/o:linux:linux_kernel:2.6.18.5", "cpe:/o:linux:linux_kernel:2.6.16.17", "cpe:/o:linux:linux_kernel:2.6.5", "cpe:/o:linux:linux_kernel:2.6.16.26", "cpe:/o:linux:linux_kernel:2.6.16.32", "cpe:/o:linux:linux_kernel:2.6.14.3", "cpe:/o:linux:linux_kernel:2.6.16.1", "cpe:/o:linux:linux_kernel:2.6.17.3", "cpe:/o:linux:linux_kernel:2.6.16.33", "cpe:/o:linux:linux_kernel:2.6.21.4", "cpe:/o:linux:linux_kernel:2.6.19.3", "cpe:/o:linux:linux_kernel:2.6.18.3", "cpe:/o:linux:linux_kernel:2.6.18.6", "cpe:/o:linux:linux_kernel:2.6.0", "cpe:/o:linux:linux_kernel:2.6.2", "cpe:/o:linux:linux_kernel:2.6.22", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:2.6.22.5", "cpe:/o:linux:linux_kernel:2.6.13.5", "cpe:/o:linux:linux_kernel:2.6.17.9", "cpe:/o:linux:linux_kernel:2.6.18.2", "cpe:/o:linux:linux_kernel:2.6.20.6", "cpe:/o:linux:linux_kernel:2.6.9", "cpe:/o:linux:linux_kernel:2.6.20.2", "cpe:/o:linux:linux_kernel:2.6.10", "cpe:/o:linux:linux_kernel:2.6.17.8", "cpe:/o:linux:linux_kernel:2.6.11.12", "cpe:/o:linux:linux_kernel:2.6.11", "cpe:/o:linux:linux_kernel:2.6.15.5", "cpe:/o:linux:linux_kernel:2.6.15.3", "cpe:/o:linux:linux_kernel:2.6.17.14", "cpe:/o:linux:linux_kernel:2.6.16.7", "cpe:/o:linux:linux_kernel:2.6.23.4", "cpe:/o:linux:linux_kernel:2.6.18.7", "cpe:/o:linux:linux_kernel:2.6.15.4", "cpe:/o:linux:linux_kernel:2.6.20.5", "cpe:/o:linux:linux_kernel:2.6.11.6", "cpe:/o:linux:linux_kernel:2.6.17.12", "cpe:/o:linux:linux_kernel:2.6.16.16", "cpe:/o:linux:linux_kernel:2.6.16.2", "cpe:/o:linux:linux_kernel:2.6.20.7", "cpe:/o:linux:linux_kernel:2.6.17", "cpe:/o:linux:linux_kernel:2.6.16.31", "cpe:/o:linux:linux_kernel:2.6.20.4", "cpe:/o:linux:linux_kernel:2.6.13.4", "cpe:/o:linux:linux_kernel:2.6.11.4", "cpe:/o:linux:linux_kernel:2.6.12.4", "cpe:/o:linux:linux_kernel:2.6.7", "cpe:/o:linux:linux_kernel:2.6.16", "cpe:/o:linux:linux_kernel:2.6.15", "cpe:/o:linux:linux_kernel:2.6.17.7", "cpe:/o:linux:linux_kernel:2.6.11.1", "cpe:/o:linux:linux_kernel:2.6.16.28", "cpe:/o:linux:linux_kernel:2.6.18.4", "cpe:/o:linux:linux_kernel:2.6.21.3", "cpe:/o:linux:linux_kernel:2.6.8.1", "cpe:/o:linux:linux_kernel:2.6.11.5", "cpe:/o:linux:linux_kernel:2.6.12.6", "cpe:/o:linux:linux_kernel:2.6.16.24", "cpe:/o:linux:linux_kernel:2.6.17.6", "cpe:/o:linux:linux_kernel:2.6.20.1", "cpe:/o:linux:linux_kernel:2.6.17.4", "cpe:/o:linux:linux_kernel:2.6.13.1", "cpe:/o:linux:linux_kernel:2.6.16.6", "cpe:/o:linux:linux_kernel:2.6.11.3", "cpe:/o:linux:linux_kernel:2.6.14.6", "cpe:/o:linux:linux_kernel:2.6.18.8", "cpe:/o:linux:linux_kernel:2.6.12.2", "cpe:/o:linux:linux_kernel:2.6.20.13", "cpe:/o:linux:linux_kernel:2.6.16.11", "cpe:/o:linux:linux_kernel:2.6.20.10", "cpe:/o:linux:linux_kernel:2.6.17.5", "cpe:/o:linux:linux_kernel:2.6.16.23", "cpe:/o:linux:linux_kernel:2.6.23.3", "cpe:/o:linux:linux_kernel:2.6.13.3", "cpe:/o:linux:linux_kernel:2.6.21.2", "cpe:/o:linux:linux_kernel:2.6.16.13", "cpe:/o:linux:linux_kernel:2.6.22.6"], "id": "CVE-2006-6058", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6058", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:git3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:git5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:git1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:git2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:git4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:git7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:git6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:23:51", "description": "The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode (\"mount -t smbfs\").", "edition": 5, "cvss3": {}, "published": "2007-05-14T17:19:00", "title": "CVE-2006-7203", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-7203"], "modified": "2017-10-11T01:31:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.20"], "id": "CVE-2006-7203", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-7203", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:55", "description": "The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which triggers a NULL pointer dereference.", "edition": 3, "cvss3": {}, "published": "2008-01-29T20:00:00", "title": "CVE-2007-6694", "type": "cve", "cwe": ["NVD-CWE-noinfo", "CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6694"], "modified": "2018-10-03T21:52:00", "cpe": ["cpe:/o:linux:linux_kernel:2.5.36", "cpe:/o:linux:linux_kernel:2.6.12.22", "cpe:/o:linux:linux_kernel:2.6.18.1", "cpe:/o:linux:linux_kernel:2.4.27", "cpe:/o:linux:linux_kernel:2.6.16.49", "cpe:/o:linux:linux_kernel:2.6.16.4", "cpe:/o:linux:linux_kernel:2.6.16.15", "cpe:/o:linux:linux_kernel:2.6.15.2", "cpe:/o:linux:linux_kernel:2.6.16.3", "cpe:/o:linux:linux_kernel:2.4.9", "cpe:/o:linux:linux_kernel:2.6.14.4", "cpe:/o:linux:linux_kernel:2.6.16.20", "cpe:/o:linux:linux_kernel:2.5.26", "cpe:/o:linux:linux_kernel:2.5.41", "cpe:/o:linux:linux_kernel:2.5.10", "cpe:/o:linux:linux_kernel:2.4.21", "cpe:/o:linux:linux_kernel:2.5.64", "cpe:/o:linux:linux_kernel:2.6.16.9", "cpe:/o:linux:linux_kernel:2.6.16.10", "cpe:/o:linux:linux_kernel:2.6.11.7", "cpe:/o:linux:linux_kernel:2.5.32", "cpe:/o:linux:linux_kernel:2.6.11.8", "cpe:/o:linux:linux_kernel:2.4.24_ow1", "cpe:/o:linux:linux_kernel:2.6.12.3", "cpe:/o:linux:linux_kernel:2.6.16_rc7", "cpe:/o:linux:linux_kernel:2.6.14.1", "cpe:/o:linux:linux_kernel:2.6.14.7", "cpe:/o:linux:linux_kernel:2.6.16.50", "cpe:/o:linux:linux_kernel:2.6.16.40", "cpe:/o:linux:linux_kernel:2.4.5", "cpe:/o:linux:linux_kernel:2.6.16.22", "cpe:/o:linux:linux_kernel:2.4.33.3", "cpe:/o:linux:linux_kernel:2.6.16.5", "cpe:/o:linux:linux_kernel:2.6.12", "cpe:/o:linux:linux_kernel:2.5.52", "cpe:/o:linux:linux_kernel:2.6.1", "cpe:/o:linux:linux_kernel:2.5.8", "cpe:/o:linux:linux_kernel:2.6.16.44", "cpe:/o:linux:linux_kernel:2.6.16.18", "cpe:/o:linux:linux_kernel:2.6.15.7", "cpe:/o:linux:linux_kernel:2.5.18", "cpe:/o:linux:linux_kernel:2.6.17.11", "cpe:/o:linux:linux_kernel:2.6.14", "cpe:/o:linux:linux_kernel:2.5.30", "cpe:/o:linux:linux_kernel:2.6.16.29", "cpe:/o:linux:linux_kernel:2.6.16.27", "cpe:/o:linux:linux_kernel:2.5.19", "cpe:/o:linux:linux_kernel:2.5.66", "cpe:/o:linux:linux_kernel:2.6.11.2", "cpe:/o:linux:linux_kernel:2.6.17.2", "cpe:/o:linux:linux_kernel:2.5.16", "cpe:/o:linux:linux_kernel:2.5.25", "cpe:/o:linux:linux_kernel:2.6.11.11", "cpe:/o:linux:linux_kernel:2.6.16.21", "cpe:/o:linux:linux_kernel:2.5.37", "cpe:/o:linux:linux_kernel:2.5.13", "cpe:/o:linux:linux_kernel:2.6.12.5", "cpe:/o:linux:linux_kernel:2.6.16.51", "cpe:/o:linux:linux_kernel:2.6.17.1", "cpe:/o:linux:linux_kernel:2.4.26", "cpe:/o:linux:linux_kernel:2.6.16.30", "cpe:/o:linux:linux_kernel:2.6.16.53", "cpe:/o:linux:linux_kernel:2.4.23_ow2", "cpe:/o:linux:linux_kernel:2.6.13", "cpe:/o:linux:linux_kernel:2.4.25", "cpe:/o:linux:linux_kernel:2.6.11.9", "cpe:/o:linux:linux_kernel:2.6.14.5", "cpe:/o:linux:linux_kernel:2.4.8", "cpe:/o:linux:linux_kernel:2.5.31", "cpe:/o:linux:linux_kernel:2.5.20", "cpe:/o:linux:linux_kernel:2.6.15.6", "cpe:/o:linux:linux_kernel:2.5.5", "cpe:/o:linux:linux_kernel:2.5.44", "cpe:/o:linux:linux_kernel:2.6.17.10", "cpe:/o:linux:linux_kernel:2.6.16.19", "cpe:/o:linux:linux_kernel:2.5.38", "cpe:/o:linux:linux_kernel:2.5.4", "cpe:/o:linux:linux_kernel:2.6.15.1", "cpe:/o:linux:linux_kernel:2.5.49", "cpe:/o:linux:linux_kernel:2.4.7", "cpe:/o:linux:linux_kernel:2.6.16.34", "cpe:/o:linux:linux_kernel:2.5.2", "cpe:/o:linux:linux_kernel:2.6.16.14", "cpe:/o:linux:linux_kernel:2.4.34", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.5.1", "cpe:/o:linux:linux_kernel:2.5.48", "cpe:/o:linux:linux_kernel:2.6.14.2", "cpe:/o:linux:linux_kernel:2.5.15", "cpe:/o:linux:linux_kernel:2.4.22", "cpe:/o:linux:linux_kernel:2.6.16.48", "cpe:/o:linux:linux_kernel:2.6.11.10", "cpe:/o:linux:linux_kernel:2.6.16.12", "cpe:/o:linux:linux_kernel:2.5.60", "cpe:/o:linux:linux_kernel:2.6.17.13", "cpe:/o:linux:linux_kernel:2.4.30", "cpe:/o:linux:linux_kernel:2.5.35", "cpe:/o:linux:linux_kernel:2.6.12.1", "cpe:/o:linux:linux_kernel:2.6.16.39", "cpe:/o:linux:linux_kernel:2.5.39", "cpe:/o:linux:linux_kernel:2.6.16.8", "cpe:/o:linux:linux_kernel:2.6.16.25", "cpe:/o:linux:linux_kernel:2.5.56", "cpe:/o:linux:linux_kernel:2.6.18.5", "cpe:/o:linux:linux_kernel:2.5.63", "cpe:/o:linux:linux_kernel:2.6.16.17", "cpe:/o:linux:linux_kernel:2.5.3", "cpe:/o:linux:linux_kernel:2.5.62", "cpe:/o:linux:linux_kernel:2.6.16.26", "cpe:/o:linux:linux_kernel:2.6.16.32", "cpe:/o:linux:linux_kernel:2.6.14.3", "cpe:/o:linux:linux_kernel:2.4.4", "cpe:/o:linux:linux_kernel:2.6.16.1", "cpe:/o:linux:linux_kernel:2.6.17.3", "cpe:/o:linux:linux_kernel:2.4.33.5", "cpe:/o:linux:linux_kernel:2.6.16.33", "cpe:/o:linux:linux_kernel:2.6.18.3", "cpe:/o:linux:linux_kernel:2.4.35.2", "cpe:/o:linux:linux_kernel:2.6.18.6", "cpe:/o:linux:linux_kernel:2.6.0", "cpe:/o:linux:linux_kernel:2.4.33.2", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:2.4.23", "cpe:/o:linux:linux_kernel:2.5.21", "cpe:/o:linux:linux_kernel:2.6.16.36", "cpe:/o:linux:linux_kernel:2.5.9", "cpe:/o:linux:linux_kernel:2.6.16.37", "cpe:/o:linux:linux_kernel:2.6.13.5", "cpe:/o:linux:linux_kernel:2.5.12", "cpe:/o:linux:linux_kernel:2.6.17.9", "cpe:/o:linux:linux_kernel:2.5.58", "cpe:/o:linux:linux_kernel:2.5.53", "cpe:/o:linux:linux_kernel:2.6.18.2", "cpe:/o:linux:linux_kernel:2.5.24", "cpe:/o:linux:linux_kernel:2.6.10", "cpe:/o:linux:linux_kernel:2.6.17.8", "cpe:/o:linux:linux_kernel:2.6.11.12", "cpe:/o:linux:linux_kernel:2.6.11", "cpe:/o:linux:linux_kernel:2.6.15.5", "cpe:/o:linux:linux_kernel:2.6.15.3", "cpe:/o:linux:linux_kernel:2.5.17", "cpe:/o:linux:linux_kernel:2.5.61", "cpe:/o:linux:linux_kernel:2.5.23", "cpe:/o:linux:linux_kernel:2.6.17.14", "cpe:/o:linux:linux_kernel:2.5.42", "cpe:/o:linux:linux_kernel:2.6.16.7", "cpe:/o:linux:linux_kernel:2.5.45", "cpe:/o:linux:linux_kernel:2.4.35", "cpe:/o:linux:linux_kernel:2.6.18.7", "cpe:/o:linux:linux_kernel:2.6.16.47", "cpe:/o:linux:linux_kernel:2.5.40", "cpe:/o:linux:linux_kernel:2.6.15.4", "cpe:/o:linux:linux_kernel:2.6.11.6", "cpe:/o:linux:linux_kernel:2.6.16.38", "cpe:/o:linux:linux_kernel:2.6.17.12", "cpe:/o:linux:linux_kernel:2.6.16.16", "cpe:/o:linux:linux_kernel:2.6.16.2", "cpe:/o:linux:linux_kernel:2.5.43", "cpe:/o:linux:linux_kernel:2.5.0", "cpe:/o:linux:linux_kernel:2.4.31", "cpe:/o:linux:linux_kernel:2.5.68", "cpe:/o:linux:linux_kernel:2.6.17", "cpe:/o:linux:linux_kernel:2.4.28", "cpe:/o:linux:linux_kernel:2.5.29", "cpe:/o:linux:linux_kernel:2.6.16.31", "cpe:/o:linux:linux_kernel:2.6.16.52", "cpe:/o:linux:linux_kernel:2.5.59", "cpe:/o:linux:linux_kernel:2.4.6", "cpe:/o:linux:linux_kernel:2.5.57", "cpe:/o:linux:linux_kernel:2.6.13.4", "cpe:/o:linux:linux_kernel:2.6.11.4", "cpe:/o:linux:linux_kernel:2.6.12.4", "cpe:/o:linux:linux_kernel:2.5.33", "cpe:/o:linux:linux_kernel:2.6.16", "cpe:/o:linux:linux_kernel:2.6.11_rc1_bk6", "cpe:/o:linux:linux_kernel:2.5.14", "cpe:/o:linux:linux_kernel:2.5.7", "cpe:/o:linux:linux_kernel:2.6.16.46", "cpe:/o:linux:linux_kernel:2.6.16.41", "cpe:/o:linux:linux_kernel:2.5.51", "cpe:/o:linux:linux_kernel:2.4.9_pre5", "cpe:/o:linux:linux_kernel:2.6.15.11", "cpe:/o:linux:linux_kernel:2.6.16.45", "cpe:/o:linux:linux_kernel:2.6.15", "cpe:/o:linux:linux_kernel:2.6.17.7", "cpe:/o:linux:linux_kernel:2.5.34", "cpe:/o:linux:linux_kernel:2.6.11.1", "cpe:/o:linux:linux_kernel:2.5.11", "cpe:/o:linux:linux_kernel:2.4.33.4", "cpe:/o:linux:linux_kernel:2.6.16.28", "cpe:/o:linux:linux_kernel:2.6.18.4", "cpe:/o:linux:linux_kernel:2.5.65", "cpe:/o:linux:linux_kernel:2.6_test9_cvs", "cpe:/o:linux:linux_kernel:2.5.22", "cpe:/o:linux:linux_kernel:2.6.12.12", "cpe:/o:linux:linux_kernel:2.6.11.5", "cpe:/o:linux:linux_kernel:2.6.12.6", "cpe:/o:linux:linux_kernel:2.6.16.24", "cpe:/o:linux:linux_kernel:2.5.47", "cpe:/o:linux:linux_kernel:2.4.3", "cpe:/o:linux:linux_kernel:2.6.17.6", "cpe:/o:linux:linux_kernel:2.4.32", "cpe:/o:linux:linux_kernel:2.6.17.4", "cpe:/o:linux:linux_kernel:2.6.13.1", "cpe:/o:linux:linux_kernel:2.4.34.2", "cpe:/o:linux:linux_kernel:2.6.16.6", "cpe:/o:linux:linux_kernel:2.5.27", "cpe:/o:linux:linux_kernel:2.5.50", "cpe:/o:linux:linux_kernel:2.5.54", "cpe:/o:linux:linux_kernel:2.6.11.3", "cpe:/o:linux:linux_kernel:2.4.34.1", "cpe:/o:linux:linux_kernel:2.6.14.6", "cpe:/o:linux:linux_kernel:2.6.18.8", "cpe:/o:linux:linux_kernel:2.6.16.35", "cpe:/o:linux:linux_kernel:2.5.69", "cpe:/o:linux:linux_kernel:2.6.12.2", "cpe:/o:linux:linux_kernel:2.5.46", "cpe:/o:linux:linux_kernel:2.6.16.11", "cpe:/o:linux:linux_kernel:2.5.6", "cpe:/o:linux:linux_kernel:2.5.67", "cpe:/o:linux:linux_kernel:2.6.17.5", "cpe:/o:linux:linux_kernel:2.6.16.23", "cpe:/o:linux:linux_kernel:2.4.33", "cpe:/o:linux:linux_kernel:2.6.13.3", "cpe:/o:linux:linux_kernel:2.6.16.13", "cpe:/o:linux:linux_kernel:2.4.29", "cpe:/o:linux:linux_kernel:2.5.28", "cpe:/o:linux:linux_kernel:2.4.24", "cpe:/o:linux:linux_kernel:2.6.16.43", "cpe:/o:linux:linux_kernel:2.5.55"], "id": "CVE-2007-6694", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6694", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.27:pre3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.27:pre4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.31:pre1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.3:pre3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.29:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.22:pre10:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.34.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.69:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.33.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.30:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.33:pre1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.33.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.32:pre2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.34.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.27:pre5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.21:pre1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.21:pre4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.32:pre1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.30:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.35.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.33.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.29:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.33.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16_rc7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.34:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.9_pre5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.21:pre7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.27:pre1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.5.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11_rc1_bk6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.27:pre2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:55", "description": "Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.", "edition": 3, "cvss3": {}, "published": "2007-11-21T00:46:00", "title": "CVE-2007-6063", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6063"], "modified": "2017-09-29T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.23"], "id": "CVE-2007-6063", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6063", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:48:19", "description": "The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.", "edition": 3, "cvss3": {}, "published": "2006-11-22T01:07:00", "title": "CVE-2006-6054", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-6054"], "modified": "2017-10-11T01:31:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.18.1", "cpe:/o:linux:linux_kernel:2.6.16.4", "cpe:/o:linux:linux_kernel:2.6.16.15", "cpe:/o:linux:linux_kernel:2.6.15.2", "cpe:/o:linux:linux_kernel:2.6.16.3", "cpe:/o:linux:linux_kernel:2.6.14.4", "cpe:/o:linux:linux_kernel:2.6.16.20", "cpe:/o:linux:linux_kernel:2.6.4", "cpe:/o:linux:linux_kernel:2.6.16.9", "cpe:/o:linux:linux_kernel:2.6.16.10", "cpe:/o:linux:linux_kernel:2.6.11.7", "cpe:/o:linux:linux_kernel:2.6.11.8", "cpe:/o:linux:linux_kernel:2.6.12.3", "cpe:/o:linux:linux_kernel:2.6.14.1", "cpe:/o:linux:linux_kernel:2.6.14.7", "cpe:/o:linux:linux_kernel:2.6.16.22", "cpe:/o:linux:linux_kernel:2.6.16.5", "cpe:/o:linux:linux_kernel:2.6.12", "cpe:/o:linux:linux_kernel:2.6.8", "cpe:/o:linux:linux_kernel:2.6.1", "cpe:/o:linux:linux_kernel:2.6.16.18", "cpe:/o:linux:linux_kernel:2.6.15.7", "cpe:/o:linux:linux_kernel:2.6.17.11", "cpe:/o:linux:linux_kernel:2.6.14", "cpe:/o:linux:linux_kernel:2.6.16.29", "cpe:/o:linux:linux_kernel:2.6.16.27", "cpe:/o:linux:linux_kernel:2.6.11.2", "cpe:/o:linux:linux_kernel:2.6.17.2", "cpe:/o:linux:linux_kernel:2.6.11.11", "cpe:/o:linux:linux_kernel:2.6.16.21", "cpe:/o:linux:linux_kernel:2.6.12.5", "cpe:/o:linux:linux_kernel:2.6.17.1", "cpe:/o:linux:linux_kernel:2.6.16.30", "cpe:/o:linux:linux_kernel:2.6.13", "cpe:/o:linux:linux_kernel:2.6.11.9", "cpe:/o:linux:linux_kernel:2.6.14.5", "cpe:/o:linux:linux_kernel:2.6.15.6", "cpe:/o:linux:linux_kernel:2.6.17.10", "cpe:/o:linux:linux_kernel:2.6.16.19", "cpe:/o:linux:linux_kernel:2.6.15.1", "cpe:/o:linux:linux_kernel:2.6.16.14", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.6.3", "cpe:/o:linux:linux_kernel:2.6.14.2", "cpe:/o:linux:linux_kernel:2.6.11.10", "cpe:/o:linux:linux_kernel:2.6.16.12", "cpe:/o:linux:linux_kernel:2.6.17.13", "cpe:/o:linux:linux_kernel:2.6.6", "cpe:/o:linux:linux_kernel:2.6.12.1", "cpe:/o:linux:linux_kernel:2.6.16.8", "cpe:/o:linux:linux_kernel:2.6.16.25", "cpe:/o:linux:linux_kernel:2.6.16.17", "cpe:/o:linux:linux_kernel:2.6.5", "cpe:/o:linux:linux_kernel:2.6.16.26", "cpe:/o:linux:linux_kernel:2.6.16.32", "cpe:/o:linux:linux_kernel:2.6.14.3", "cpe:/o:linux:linux_kernel:2.6.16.1", "cpe:/o:linux:linux_kernel:2.6.17.3", "cpe:/o:linux:linux_kernel:2.6.16.33", "cpe:/o:linux:linux_kernel:2.6.18.3", "cpe:/o:linux:linux_kernel:2.6.0", "cpe:/o:linux:linux_kernel:2.6.2", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:2.6.13.5", "cpe:/o:linux:linux_kernel:2.6.17.9", "cpe:/o:linux:linux_kernel:2.6.18.2", "cpe:/o:linux:linux_kernel:2.6.9", "cpe:/o:linux:linux_kernel:2.6.10", "cpe:/o:linux:linux_kernel:2.6.17.8", "cpe:/o:linux:linux_kernel:2.6.11.12", "cpe:/o:linux:linux_kernel:2.6.11", "cpe:/o:linux:linux_kernel:2.6.15.5", "cpe:/o:linux:linux_kernel:2.6.15.3", "cpe:/o:linux:linux_kernel:2.6.17.14", "cpe:/o:linux:linux_kernel:2.6.16.7", "cpe:/o:linux:linux_kernel:2.6.15.4", "cpe:/o:linux:linux_kernel:2.6.11.6", "cpe:/o:linux:linux_kernel:2.6.17.12", "cpe:/o:linux:linux_kernel:2.6.16.16", "cpe:/o:linux:linux_kernel:2.6.16.2", "cpe:/o:linux:linux_kernel:2.6.17", "cpe:/o:linux:linux_kernel:2.6.16.31", "cpe:/o:linux:linux_kernel:2.6.13.4", "cpe:/o:linux:linux_kernel:2.6.11.4", "cpe:/o:linux:linux_kernel:2.6.12.4", "cpe:/o:linux:linux_kernel:2.6.7", "cpe:/o:linux:linux_kernel:2.6.16", "cpe:/o:linux:linux_kernel:2.6.15", "cpe:/o:linux:linux_kernel:2.6.17.7", "cpe:/o:linux:linux_kernel:2.6.11.1", "cpe:/o:linux:linux_kernel:2.6.16.28", "cpe:/o:linux:linux_kernel:2.6.8.1", "cpe:/o:linux:linux_kernel:2.6.11.5", "cpe:/o:linux:linux_kernel:2.6.12.6", "cpe:/o:linux:linux_kernel:2.6.16.24", "cpe:/o:linux:linux_kernel:2.6.17.6", "cpe:/o:linux:linux_kernel:2.6.17.4", "cpe:/o:linux:linux_kernel:2.6.13.1", "cpe:/o:linux:linux_kernel:2.6.16.6", "cpe:/o:linux:linux_kernel:2.6.11.3", "cpe:/o:linux:linux_kernel:2.6.14.6", "cpe:/o:linux:linux_kernel:2.6.12.2", "cpe:/o:linux:linux_kernel:2.6.16.11", "cpe:/o:linux:linux_kernel:2.6.17.5", "cpe:/o:linux:linux_kernel:2.6.16.23", "cpe:/o:linux:linux_kernel:2.6.13.3", "cpe:/o:linux:linux_kernel:2.6.16.13"], "id": "CVE-2006-6054", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6054", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.16.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:26:09", "description": "The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.", "edition": 6, "cvss3": {}, "published": "2007-12-04T00:46:00", "title": "CVE-2007-6206", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6206"], "modified": "2020-08-12T19:26:00", "cpe": ["cpe:/o:suse:linux_enterprise_software_development_kit:10", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:debian:debian_linux:4.0", "cpe:/o:redhat:enterprise_linux_eus:4.6", "cpe:/o:canonical:ubuntu_linux:6.06", "cpe:/o:canonical:ubuntu_linux:6.10", "cpe:/o:redhat:enterprise_linux_server:4.0", "cpe:/o:redhat:enterprise_linux_workstation:4.0", "cpe:/o:debian:debian_linux:3.1", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:suse:linux_enterprise_desktop:10", "cpe:/o:suse:linux_enterprise_real_time_extension:10", "cpe:/o:linux:linux_kernel:2.4.35.2", "cpe:/o:opensuse:opensuse:10.2", "cpe:/o:redhat:enterprise_linux_desktop:4.0", "cpe:/o:linux:linux_kernel:2.6.24", "cpe:/o:opensuse:opensuse:10.3", "cpe:/o:canonical:ubuntu_linux:7.04"], "id": "CVE-2007-6206", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6206", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:4.6:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:10.2:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp1:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.35.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:-:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:10:sp1:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp1:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:48:19", "description": "The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.", "edition": 3, "cvss3": {}, "published": "2006-11-09T11:07:00", "title": "CVE-2006-5823", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-5823"], "modified": "2018-10-30T16:26:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.18.1", "cpe:/o:linux:linux_kernel:2.6.16.4", "cpe:/o:linux:linux_kernel:2.6.16.15", "cpe:/o:linux:linux_kernel:2.6.15.2", "cpe:/o:linux:linux_kernel:2.6.16.3", "cpe:/o:linux:linux_kernel:2.6.14.4", "cpe:/o:linux:linux_kernel:2.6.16.20", "cpe:/o:linux:linux_kernel:2.6.4", "cpe:/o:linux:linux_kernel:2.6.16.9", "cpe:/o:linux:linux_kernel:2.6.16.10", "cpe:/o:linux:linux_kernel:2.6.11.7", "cpe:/o:linux:linux_kernel:2.6.11.8", "cpe:/o:linux:linux_kernel:2.6.12.3", "cpe:/o:linux:linux_kernel:2.6.16_rc7", "cpe:/o:linux:linux_kernel:2.6.14.1", "cpe:/o:linux:linux_kernel:2.6.14.7", "cpe:/o:linux:linux_kernel:2.6.16.22", "cpe:/o:linux:linux_kernel:2.6.16.5", "cpe:/o:linux:linux_kernel:2.6.12", "cpe:/o:linux:linux_kernel:2.6.8", "cpe:/o:linux:linux_kernel:2.6.1", "cpe:/o:linux:linux_kernel:2.6.16.18", "cpe:/o:linux:linux_kernel:2.6.15.7", "cpe:/o:linux:linux_kernel:2.6.17.11", "cpe:/o:linux:linux_kernel:2.6.14", "cpe:/o:linux:linux_kernel:2.6.16.27", "cpe:/o:linux:linux_kernel:2.6.11.2", "cpe:/o:linux:linux_kernel:2.6.17.2", "cpe:/o:linux:linux_kernel:2.6.11.11", "cpe:/o:linux:linux_kernel:2.6.16.21", "cpe:/o:linux:linux_kernel:2.6.19", "cpe:/o:linux:linux_kernel:2.6.12.5", "cpe:/o:linux:linux_kernel:2.6.17.1", "cpe:/o:linux:linux_kernel:2.6.16.30", "cpe:/o:linux:linux_kernel:2.6.13", "cpe:/o:linux:linux_kernel:2.6.11.9", "cpe:/o:linux:linux_kernel:2.6.14.5", "cpe:/o:linux:linux_kernel:2.6.15.6", "cpe:/o:linux:linux_kernel:2.6.17.10", "cpe:/o:linux:linux_kernel:2.6.16.19", "cpe:/o:linux:linux_kernel:2.6.15.1", "cpe:/o:linux:linux_kernel:2.6.16.14", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.6.3", "cpe:/o:linux:linux_kernel:2.6.14.2", "cpe:/o:linux:linux_kernel:2.6.11.10", "cpe:/o:linux:linux_kernel:2.6.16.12", "cpe:/o:linux:linux_kernel:2.6.17.13", "cpe:/o:linux:linux_kernel:2.6.6", "cpe:/o:linux:linux_kernel:2.6.12.1", "cpe:/o:linux:linux_kernel:2.6.16.8", "cpe:/o:linux:linux_kernel:2.6.16.17", "cpe:/o:linux:linux_kernel:2.6.5", "cpe:/o:linux:linux_kernel:2.6.14.3", "cpe:/o:linux:linux_kernel:2.6.8.1.5", "cpe:/o:linux:linux_kernel:2.6.16.1", "cpe:/o:linux:linux_kernel:2.6.17.3", "cpe:/o:linux:linux_kernel:2.6.0", "cpe:/o:linux:linux_kernel:2.6.2", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:2.6.17.9", "cpe:/o:linux:linux_kernel:2.6.9", "cpe:/o:linux:linux_kernel:2.6.10", "cpe:/o:linux:linux_kernel:2.6.17.8", "cpe:/o:linux:linux_kernel:2.6.11.12", "cpe:/o:linux:linux_kernel:2.6.11", "cpe:/o:linux:linux_kernel:2.6.15.5", "cpe:/o:linux:linux_kernel:2.6.15.3", "cpe:/o:linux:linux_kernel:2.6.17.14", "cpe:/o:linux:linux_kernel:2.6.16.7", "cpe:/o:linux:linux_kernel:2.6.15.4", "cpe:/o:linux:linux_kernel:2.6.11.6", "cpe:/o:linux:linux_kernel:2.6.17.12", "cpe:/o:linux:linux_kernel:2.6.16.16", "cpe:/o:linux:linux_kernel:2.6.16.2", "cpe:/o:linux:linux_kernel:2.6.17", "cpe:/o:linux:linux_kernel:2.6.13.4", "cpe:/o:linux:linux_kernel:2.6.11.4", "cpe:/o:linux:linux_kernel:2.6.12.4", "cpe:/o:linux:linux_kernel:2.6.7", "cpe:/o:linux:linux_kernel:2.6.16", "cpe:/o:linux:linux_kernel:2.6.11_rc1_bk6", "cpe:/o:linux:linux_kernel:2.6.15", "cpe:/o:linux:linux_kernel:2.6.17.7", "cpe:/o:linux:linux_kernel:2.6.11.1", "cpe:/o:linux:linux_kernel:2.6.8.1", "cpe:/o:linux:linux_kernel:2.6_test9_cvs", "cpe:/o:linux:linux_kernel:2.6.11.5", "cpe:/o:linux:linux_kernel:2.6.12.6", "cpe:/o:linux:linux_kernel:2.6.16.24", "cpe:/o:linux:linux_kernel:2.6.17.6", "cpe:/o:linux:linux_kernel:2.6.17.4", "cpe:/o:linux:linux_kernel:2.6.13.1", "cpe:/o:linux:linux_kernel:2.6.16.6", "cpe:/o:linux:linux_kernel:2.6.11.3", "cpe:/o:linux:linux_kernel:2.6.14.6", "cpe:/o:linux:linux_kernel:2.6.12.2", "cpe:/o:linux:linux_kernel:2.6.16.11", "cpe:/o:linux:linux_kernel:2.6.17.5", "cpe:/o:linux:linux_kernel:2.6.16.23", "cpe:/o:linux:linux_kernel:2.6.13.3", "cpe:/o:linux:linux_kernel:2.6.16.13"], "id": "CVE-2006-5823", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5823", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:64-bit_x86:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7_smp:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test11:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686_smp:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:itanium_ia64_montecito:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:386:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:686:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8_smp:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6_test9_cvs:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:k7:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power4_smp:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:2.6.20:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_xeon:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16_rc7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:power3_smp:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11_rc1_bk6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:test10:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:powerpc_smp:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1.5:*:amd64_k8:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:26:07", "description": "The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors.", "edition": 5, "cvss3": {}, "published": "2007-10-04T23:17:00", "title": "CVE-2007-4133", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4133"], "modified": "2017-09-29T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.19"], "id": "CVE-2007-4133", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4133", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.19:rc3:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:45:55", "description": "The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.", "edition": 3, "cvss3": {}, "published": "2007-12-15T01:46:00", "title": "CVE-2007-6151", "type": "cve", "cwe": ["CWE-119", "NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-6151"], "modified": "2017-09-29T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.23"], "id": "CVE-2007-6151", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6151", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:26:07", "description": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.", "edition": 5, "cvss3": {}, "published": "2007-09-24T22:17:00", "title": "CVE-2007-4573", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-4573"], "modified": "2018-10-15T21:36:00", "cpe": ["cpe:/o:linux:linux_kernel:2.4.35", "cpe:/o:linux:linux_kernel:2.6.22.6"], "id": "CVE-2007-4573", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4573", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.4.35:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:x86_64:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2007-4997", "CVE-2007-3740", "CVE-2006-6058", "CVE-2007-6063", "CVE-2007-5500"], "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n \r\n Mandriva Linux Security Advisory MDVSA-2008:008\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n \r\n Package : kernel\r\n Date : January 11, 2008\r\n Affected: Corporate 4.0\r\n _______________________________________________________________________\r\n \r\n Problem Description:\r\n \r\n Some vulnerabilities were discovered and corrected in the Linux\r\n 2.6 kernel:\r\n \r\n The CIFS filesystem, when Unix extension support is enabled, does\r\n not honor the umask of a process, which allows local users to gain\r\n privileges. (CVE-2007-3740)\r\n \r\n The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions\r\n in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform\r\n certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE\r\n units, which allows local users to cause a denial of service (panic)\r\n via unspecified vectors. (CVE-2007-4133)\r\n \r\n The IA32 system call emulation functionality in Linux kernel 2.4.x\r\n and 2.6.x before 2.6.22.7, when running on the x86_64 architecture,\r\n does not zero extend the eax register after the 32bit entry path to\r\n ptrace is used, which might allow local users to gain privileges by\r\n triggering an out-of-bounds access to the system call table using\r\n the %RAX register. (CVE-2007-4573)\r\n \r\n Integer underflow in the ieee80211_rx function in\r\n net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before\r\n 2.6.23 allows remote attackers to cause a denial of service (crash)\r\n via a crafted SKB length value in a runt IEEE 802.11 frame when\r\n the IEEE80211_STYPE_QOS_DATA flag is set, aka an off-by-two\r\n error. (CVE-2007-4997)\r\n \r\n The disconnect method in the Philips USB Webcam (pwc) driver in Linux\r\n kernel 2.6.x before 2.6.22.6 relies on user space to close the device,\r\n which allows user-assisted local attackers to cause a denial of service\r\n (USB subsystem hang and CPU consumption in khubd) by not closing the\r\n device after the disconnect is invoked. NOTE: this rarely crosses\r\n privilege boundaries, unless the attacker can convince the victim to\r\n unplug the affected device. (CVE-2007-5093)\r\n \r\n The wait_task_stopped function in the Linux kernel before 2.6.23.8\r\n checks a TASK_TRACED bit instead of an exit_state value, which\r\n allows local users to cause a denial of service (machine crash) via\r\n unspecified vectors. NOTE: some of these details are obtained from\r\n third party information. (CVE-2007-5500)\r\n \r\n The minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and\r\n possibly other versions, allows local users to cause a denial of\r\n service (hang) via a malformed minix file stream that triggers an\r\n infinite loop in the minix_bmap function. NOTE: this issue might be\r\n due to an integer overflow or signedness error. (CVE-2006-6058)\r\n \r\n Buffer overflow in the isdn_net_setcfg function in isdn_net.c in\r\n Linux kernel 2.6.23 allows local users to have an unknown impact via\r\n a crafted argument to the isdn_ioctl function. (CVE-2007-6063)\r\n \r\n Additionaly, support for Promise 4350 controller was added (stex\r\n module).\r\n \r\n To update your kernel, please follow the directions located at:\r\n \r\n http://www.mandriva.com/en/security/kernelupdate\r\n _______________________________________________________________________\r\n\r\n References:\r\n \r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3740\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4133\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4573\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4997\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5093\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5500\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6058\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6063\r\n _______________________________________________________________________\r\n \r\n Updated Packages:\r\n \r\n Corporate 4.0:\r\n 07fa3648c4fcad266094de58ee5f7976 corporate/4.0/i586/kernel-2.6.12.33mdk-1-1mdk.i586.rpm\r\n e252e134fca461feeee210bc85fe0b66 corporate/4.0/i586/kernel-BOOT-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 2364ec022ffd41f61ef19aa4da196584 corporate/4.0/i586/kernel-doc-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 56b9c725e2370594ea37bff83bec8adf corporate/4.0/i586/kernel-i586-up-1GB-2.6.12.33mdk-1-1mdk.i586.rpm\r\n ac5b435ab4b230da799b12b06054e3e5 corporate/4.0/i586/kernel-i686-up-4GB-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 4bd260613b29981fd3b0a742707c6785 corporate/4.0/i586/kernel-smp-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 4111453b8da035fa44428f7d79b77c64 corporate/4.0/i586/kernel-source-2.6.12.33mdk-1-1mdk.i586.rpm\r\n c31d879b0becf2c84569ad18615fbe7c corporate/4.0/i586/kernel-source-stripped-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 9e8f1b4d991c1b144b5e999b647bbce6 corporate/4.0/i586/kernel-xbox-2.6.12.33mdk-1-1mdk.i586.rpm\r\n 895efcf862e5e8428ceec714f29666da corporate/4.0/i586/kernel-xen0-2.6.12.33mdk-1-1mdk.i586.rpm\r\n bab9c0071d482b0e3c03c181b8cca71a corporate/4.0/i586/kernel-xenU-2.6.12.33mdk-1-1mdk.i586.rpm \r\n 877a5d94905829128211ecc1dd538138 corporate/4.0/SRPMS/kernel-2.6.12.33mdk-1-1mdk.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n d2e4070842e4a6ea4d9e029a5977d929 corporate/4.0/x86_64/kernel-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n bf3014e8afe93ab0a8877e1d80d921e4 corporate/4.0/x86_64/kernel-BOOT-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n ac4c529077ff74e82362c1b7d4404233 corporate/4.0/x86_64/kernel-doc-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n fe2963758a2fbef0ed561dd41741f1f0 corporate/4.0/x86_64/kernel-smp-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n f8ea4d85518c1e2e6a8b163febbb39f8 corporate/4.0/x86_64/kernel-source-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n 773dd4eb7e4ebbe76c49817399bdfb23 corporate/4.0/x86_64/kernel-source-stripped-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n 83c8eb396798958d3a0581f7610973e8 corporate/4.0/x86_64/kernel-xen0-2.6.12.33mdk-1-1mdk.x86_64.rpm\r\n e3a4fc8ac6984d283aebcbf8c733942f corporate/4.0/x86_64/kernel-xenU-2.6.12.33mdk-1-1mdk.x86_64.rpm \r\n 877a5d94905829128211ecc1dd538138 corporate/4.0/SRPMS/kernel-2.6.12.33mdk-1-1mdk.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.8 (GNU/Linux)\r\n\r\niD8DBQFHh8nGmqjQ0CJFipgRAmkIAJ94GfjCcBcizfHDPBZrHQEmHmu5TQCgxfMx\r\n1VPoB3XA6iDs9X0H11l20I0=\r\n=S6Bk\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-01-13T00:00:00", "published": "2008-01-13T00:00:00", "id": "SECURITYVULNS:DOC:18851", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18851", "title": "[ MDVSA-2008:008 ] - Updated kernel packages fix multiple vulnerabilities and bugs", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:28", "bulletinFamily": "software", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-4997", "CVE-2007-3740"], "description": "unask is not correctly applied on CIFS filesystem, DoS via hugetlb_vmtruncate_list and hugetlb_vmtruncate, IA32 emulation subsystem processor registors access, ieee80211_rx integer overflow, Philips USB Webcam driver DoS, wait_task_stopped DoS.", "edition": 1, "modified": "2008-01-13T00:00:00", "published": "2008-01-13T00:00:00", "id": "SECURITYVULNS:VULN:8563", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8563", "title": "Linux kernel multiple security vulnrabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:23", "bulletinFamily": "software", "cvelist": ["CVE-2007-4573", "CVE-2007-4133", "CVE-2007-5093", "CVE-2006-5755"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 1381-1 security@debian.org\r\nhttp://www.debian.org/security/ Dann Frazier\r\nOctober 2nd, 2007 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : several\r\nProblem-Type : local\r\nDebian-specific: no\r\nCVE ID : CVE-2006-5755 CVE-2007-4133 CVE-2007-4573 CVE-2007-5093\r\n\r\nSeveral local vulnerabilities have been discovered in the Linux kernel\r\nthat may lead to a denial of service or the execution of arbitrary\r\ncode. The Common Vulnerabilities and Exposures project identifies the\r\nfollowing problems:\r\n\r\nCVE-2006-5755\r\n\r\n The NT bit maybe leaked into the next task which can local attackers\r\n to cause a Denial of Service (crash) on systems which run the 'amd64'\r\n flavour kernel. The stable distribution ('etch') was not believed to\r\n be vulnerable to this issue at the time of release, however Bastian\r\n Blank discovered that this issue still applied to the 'xen-amd64' and\r\n 'xen-vserver-amd64' flavours, and is resolved by this DSA.\r\n\r\nCVE-2007-4133\r\n\r\n Hugh Dickins discovered a potential local DoS (panic) in hugetlbfs.\r\n A misconversion of hugetlb_vmtruncate_list to prio_tree may allow\r\n local users to trigger a BUG_ON() call in exit_mmap.\r\n\r\nCVE-2007-4573\r\n\r\n Wojciech Purczynski discovered a vulnerability that can be exploited\r\n by a local user to obtain superuser privileges on x86_64 systems.\r\n This resulted from improper clearing of the high bits of registers\r\n during ia32 system call emulation. This vulnerability is relevant\r\n to the Debian amd64 port as well as users of the i386 port who run\r\n the amd64 linux-image flavour.\r\n\r\n DSA-1378 resolved this problem for the 'amd64' flavour kernels, but\r\n Tim Wickberg and Ralf Hemmenst\u0413dt reported an outstanding issue with\r\n the 'xen-amd64' and 'xen-vserver-amd64' issues that is resolved by\r\n this DSA.\r\n\r\nCVE-2007-5093\r\n\r\n Alex Smith discovered an issue with the pwc driver for certain webcam\r\n devices. If the device is removed while a userspace application has it\r\n open, the driver will wait for userspace to close the device, resulting\r\n in a blocked USB subsystem. This issue is of low security impact as\r\n it requires the attacker to either have physical access to the system\r\n or to convince a user with local access to remove the device on their\r\n behalf.\r\n \r\nThese problems have been fixed in the stable distribution in version \r\n2.6.18.dfsg.1-13etch4.\r\n\r\nAt the time of this DSA, only the build for the amd64 architecture is\r\navailable. Due to the severity of the amd64-specific issues, we are\r\nreleasing an incomplete update. This advisory will be updated once\r\nother architecture builds become available.\r\n\r\nWe recommend that you upgrade your kernel package immediately and reboot\r\nthe machine. If you have built a custom kernel from the kernel source\r\npackage, you will need to rebuild to take advantage of these fixes.\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.dsc\r\n Size/MD5 checksum: 5672 37f70bdc04b866a5dbcaa8f849be618a\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1-13etch4.diff.gz\r\n Size/MD5 checksum: 5321790 7bc41f428b95ef6fe99361ca8854e6da\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.18.dfsg.1.orig.tar.gz\r\n Size/MD5 checksum: 52225460 6a1ab0948d6b5b453ea0fce0fcc29060\r\n\r\n Architecture independent components:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 3586640 3bd5240a2610896cc497c62eb88b155c\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 1083674 f8c4bf0032e87733d2ee3f2f1f739f9d\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 1499612 10c0c285c4183493633f2b29f6036d14\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 41419632 8ced68949f94c78c5fc992deebdf1c85\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.18-5_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 3739000 f73b86b37f56ab817c341c43bd4cf8fe\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.18_2.6.18.dfsg.1-13etch4_all.deb\r\n Size/MD5 checksum: 51982 4593b4bbf1f423b1d6e426602243defd\r\n\r\n AMD64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3165218 4f4764c3aef1f9e11201852b94467850\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51516 a90387023090038a122da75482b981fd\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-all-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51542 cb132c34f0684e6a7b1facc9432ecca2\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 269088 d3d721166785a2acfc475b8a87eb7de0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3188578 58346ab81a8dae1bbff87412b9d071a8\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 269454 ef04a599ceb19d37a544cd6f95000138\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3331732 8b0e214847656f1fb6b2d35396db36a7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 269772 1d3f9740c35d4510c6612bb645b1ef79\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 3354462 30fce94ecaa6650c7eb3307e76ad47d9\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 270790 4cd241518cb91e87bbcc62c09117accc\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 16800532 5cd7846a71c94945df71cf67b3d9f254\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 16840344 d264466281d7596876f18427dc7dad37\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 1648548 ff22e2a8c3f269295231b2b24289a892\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 1679922 f7061df614029b187d6883902b2053b7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 15239984 c8de0964da37ad0d13a7c0b1a8dbe927\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 15257046 7fbf51b2580cdf39314d5cae996f8059\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51500 d813a622add08eb6ca03f118af21e6c0\r\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch4_amd64.deb\r\n Size/MD5 checksum: 51514 9f3b1193357e2b448f653e3dd8cac1ac\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ etch/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/etch/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.6 (GNU/Linux)\r\n\r\niD8DBQFHAvmDhuANDBmkLRkRAnP+AJ9AjvJ0omMbXO1kkyncnucj9DKgcwCfaRGg\r\nyOqlvjNwuKuGmBPP2MvwDhg=\r\n=j6lX\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2007-10-04T00:00:00", "published": "2007-10-04T00:00:00", "id": "SECURITYVULNS:DOC:18111", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18111", "title": "[SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:43", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4573", "CVE-2007-3848", "CVE-2007-3105", "CVE-2007-3843", "CVE-2007-3740"], "description": " [2.6.9-55.0.9.0.1]\n - fix entropy flag in bnx2 driver to generate entropy pool (John \n Sobecki) [orabug 5931647]\n - fix for nfs open call taking longer issue (Chuck Lever) orabug 5580407 \n bz [219412]\n - fix enomem due to larger mtu size page alloc (Zach Brown) orabug 5486128\n - fix per_cpu() api bug_on with rds (Zach Brown) orabug 5760648\n - limit nr_requests in cfq io scheduler ( Jens Axboe) bz 234278 orabug \n 5899829\n \n [2.6.9-55.0.9]\n - revert: all patches from 2.6.9-55.0.7\n \n [2.6.9-55.0.8]\n - fix x86_64 (+ xen) syscall vulnerability (Vitaly Mayatskikh) [297851] \n {CVE-2007-4573}\n \n [2.6.9-55.0.7]\n - fix autofs problem with symbolic links (Ian Kent) [248126]\n - fix privilege escalation via PR_SET_PDEATHSIG (Peter Zijlstra) \n [252306] {CVE-2007-3848}\n - fix bound check ordering issue in random driver (Vitaly Mayatskikh) \n [275941] {CVE-2007-3105}\n - fix memory leak of dma_alloc_coherent() on x86_64 (Prarit Bhargava) \n [282351]\n - makes CIFS honour a process' umask (Jeff Layton) [293121] {CVE-2007-3740}\n - fix signing mount options and error handling for CIFS (Jeff Layton) \n [293141] {CVE-2007-3843} ", "edition": 4, "modified": "2007-09-28T00:00:00", "published": "2007-09-28T00:00:00", "id": "ELSA-2007-0937", "href": "http://linux.oracle.com/errata/ELSA-2007-0937.html", "title": "Important: kernel security update ", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:23", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": " [kernel-2.4.21-53.EL]\n - Fix ipv4 treason uncloaked message (Anton Arapov) [249237]\n - Fix ipv4 fib-sem-out-of-bounds checking (Don Howard) [250429] {CVE-2007-2172}\n - Reset current->pdeath_signal on SUID binary execution (Peter Zijlstra) [251117] {CVE-2007-3848}\n - Fix local DoS with corrupted elf on ia64 (Don Howard) [289171] {CVE-2006-4538}\n - prevent stack from growing into hugepages region (Don Howard) [294951] {CVE-2007-3739}\n - Fix missing ioctl permission checks in aacraid (Don Howard) [298331] {CVE-2007-4308} ", "edition": 4, "modified": "2007-12-04T00:00:00", "published": "2007-12-04T00:00:00", "id": "ELSA-2007-1049", "href": "http://linux.oracle.com/errata/ELSA-2007-1049.html", "title": "Important: kernel security and bug fix update ", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:44", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3848", "CVE-2007-3739", "CVE-2007-3105", "CVE-2007-4308", "CVE-2007-3843", "CVE-2007-3740", "CVE-2007-4571", "CVE-2006-6921", "CVE-2007-2878"], "description": " [2.6.9-55.0.12.0.1]\n - fix entropy flag in bnx2 driver to generate entropy pool (John \n Sobecki) [orabug 5931647]\n - fix for nfs open call taking longer issue (Chuck Lever) orabug 5580407 \n bz [219412]\n - fix enomem due to larger mtu size page alloc (Zach Brown) orabug 5486128\n - fix per_cpu() api bug_on with rds (Zach Brown) orabug 5760648\n - limit nr_requests in cfq io scheduler ( Jens Axboe) bz 234278 orabug \n 5899829\n \n [2.6.9-55.0.12]\n - update: deadlock from recursive call through netpoll_send_skb (Neil \n Horman) [328351]\n - fix machine check errors with Clovertown G0-step CPU (Geoff Gustafson) \n [320791]\n - fix disable block layer bouncing for most memory on 64bit systems (Jim \n Paradis) [330111]\n \n [2.6.9-55.0.11]\n - fix denial of service with wedged processes (Vitaly Mayatskikh) \n [302931] {CVE-2006-6921}\n - fix stack growing into hugetlb reserved regions (Vitaly Mayatskikh) \n [294971] {CVE-2007-3739}\n - fix creating of RHEL4u5 guest domain on i686 RHEL-5.1 host (Chris \n Lalancette) [251013]\n - fix memory leak in __bio_map_user (Eric Sandeen) [328371]\n - fix deadlock from recursive call through netpoll_send_skb (Neil \n Horman) [328351]\n - fix ALSA memory disclosure flaw (Vitaly Mayatskikh) [297741] \n {CVE-2007-4571}\n - fix missing ioctl() permission checks in aacraid driver (Vitaly \n Mayatskikh) [298341] {CVE-2007-4308}\n - fix VFAT compat ioctls DoS on 64-bit (Eric Sandeen) [253316] \n {CVE-2007-2878}\n \n [2.6.9-55.0.10]\n - fix: automounter hangs with rapid access to the same mount point when \n the system is under high load (Ian Kent) [309781]\n - restored: all patches from 2.6.9-55.0.7 ", "edition": 4, "modified": "2007-11-02T00:00:00", "published": "2007-11-02T00:00:00", "id": "ELSA-2007-0939", "href": "http://linux.oracle.com/errata/ELSA-2007-0939.html", "title": "Important: kernel security update ", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:10", "bulletinFamily": "unix", "cvelist": ["CVE-2007-1353", "CVE-2006-7203", "CVE-2007-2453", "CVE-2007-2525"], "description": " [2.6.18-8.1.6.0.1.el5]\n -Fix bonding primary=ethX so it picks correct network (Bert Barbe) [IT \n 101532] [ORA 5136660]\n -Add entropy module option to e1000 (John Sobecki) [ORA 6045759]\n -Add entropy module option to bnx2 (John Sobecki) [ORA 6045759]\n \n [2.6.18.8-1.6.el5]\n - [bluetooth] close information leaks in setsockopt (Marcel Holtmann ) \n [241862]{CVE-2007-1353}\n - [net] fix memory leak in PPPoE (Neil Horman ) [241863] {CVE-2007-2525}\n - [random] fix seeding of dev/random (Aristeu Rozanski ) [241888]\n \n [2.6.18-8.1.5.el5]\n - [fs] prevent oops in compat_sys_mount (Jeff Layton ) [240456] \n {CVE-2006-7203}\n - [e1000] fix watchdog timeout panics (Andy Gospodarek ) [238048]\n - [ext3] return ENOENT from ext3_link when racing with unlink (Eric \n Sandeen ) [239787] ", "edition": 4, "modified": "2007-06-26T00:00:00", "published": "2007-06-26T00:00:00", "id": "ELSA-2007-0376", "href": "http://linux.oracle.com/errata/ELSA-2007-0376.html", "title": "Important: kernel security and bug fix update ", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:08", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2172", "CVE-2007-3848", "CVE-2007-3739", "CVE-2007-4308", "CVE-2006-4538"], "description": "**CentOS Errata and Security Advisory** CESA-2007:1049\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\r\noperating system. \r\n\r\nA flaw was found in the handling of process death signals. This allowed a\r\nlocal user to send arbitrary signals to the suid-process executed by that\r\nuser. A successful exploitation of this flaw depends on the structure of\r\nthe suid-program and its signal handling. (CVE-2007-3848, Important)\r\n\r\nA flaw was found in the IPv4 forwarding base. This allowed a local user to\r\ncause a denial of service. (CVE-2007-2172, Important) \r\n\r\nA flaw was found where a corrupted executable file could cause cross-region\r\nmemory mappings on Itanium systems. This allowed a local user to cause a\r\ndenial of service. (CVE-2006-4538, Moderate) \r\n\r\nA flaw was found in the stack expansion when using the hugetlb kernel on\r\nPowerPC systems. This allowed a local user to cause a denial of service.\r\n(CVE-2007-3739, Moderate) \r\n\r\nA flaw was found in the aacraid SCSI driver. This allowed a local user to\r\nmake ioctl calls to the driver that should be restricted to privileged\r\nusers. (CVE-2007-4308, Moderate) \r\n\r\nAs well, these updated packages fix the following bug:\r\n\r\n* a bug in the TCP header prediction code may have caused \"TCP: Treason\r\nuncloaked!\" messages to be logged. In certain situations this may have lead\r\nto TCP connections hanging or aborting.\r\n\r\nRed Hat Enterprise Linux 3 users are advised to upgrade to these updated\r\npackages, which contain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/026517.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/026518.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/026524.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-December/026525.html\n\n**Affected packages:**\nkernel\nkernel-BOOT\nkernel-doc\nkernel-hugemem\nkernel-hugemem-unsupported\nkernel-smp\nkernel-smp-unsupported\nkernel-source\nkernel-unsupported\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1049.html", "edition": 4, "modified": "2007-12-07T20:49:20", "published": "2007-12-03T19:44:42", "href": "http://lists.centos.org/pipermail/centos-announce/2007-December/026517.html", "id": "CESA-2007:1049", "title": "kernel security update", "type": "centos", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:28:58", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2136", "CVE-2007-2172", "CVE-2007-3848", "CVE-2006-4814", "CVE-2007-6151", "CVE-2008-3525", "CVE-2007-4308", "CVE-2008-0007", "CVE-2007-6206", "CVE-2008-4210", "CVE-2008-3275", "CVE-2007-6063"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0001-01\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a flaw was found in the IPv4 forwarding base. This could allow a local,\nunprivileged user to cause a denial of service. (CVE-2007-2172,\nImportant)\n\n* a flaw was found in the handling of process death signals. This allowed a\nlocal, unprivileged user to send arbitrary signals to the suid-process\nexecuted by that user. Successful exploitation of this flaw depends on the\nstructure of the suid-program and its signal handling. (CVE-2007-3848,\nImportant)\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A local,\nunprivileged user could use this flaw to gain read or write access to\narbitrary kernel memory, or possibly cause a denial of service.\n(CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a local,\nunprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could\nallow a local, unprivileged user to bypass intended capability\nrestrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or\nftruncate(). This could allow a local, unprivileged user to acquire the\nprivileges of a different group and obtain access to sensitive information.\n(CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local, unprivileged\nuser to cause a denial of service. (CVE-2006-4814, Moderate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local,\nunprivileged user to make ioctl calls to the driver which should otherwise\nbe restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use these flaws\nto cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a local,\nunprivileged user could make a root-owned process dump a core file into a\nuser-writable directory, the user could gain read access to that core file,\npotentially compromising sensitive information. (CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to attempt file\ncreation within deleted directories, possibly causing a denial of service.\n(CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should\nupgrade to these updated packages which address these vulnerabilities. For\nthis update to take effect, the system must be rebooted.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027614.html\n\n**Affected packages:**\nkernel\nkernel-BOOT\nkernel-debug\nkernel-doc\nkernel-enterprise\nkernel-headers\nkernel-smp\nkernel-source\nkernel-summit\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 5, "modified": "2009-02-02T23:36:06", "published": "2009-02-02T23:36:06", "href": "http://lists.centos.org/pipermail/centos-announce/2009-February/027614.html", "id": "CESA-2009:0001-01", "title": "kernel security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:26:09", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3848", "CVE-2007-3739", "CVE-2007-3105", "CVE-2007-4308", "CVE-2007-3843", "CVE-2007-3740", "CVE-2007-4571", "CVE-2006-6921", "CVE-2007-2878"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0939\n\n\nThe Linux kernel is the core of the operating system.\r\n\r\nThese updated kernel packages contain fixes for the following security\r\nissues:\r\n\r\n* A flaw was found in the handling of process death signals. This allowed a\r\nlocal user to send arbitrary signals to the suid-process executed by that\r\nuser. A successful exploitation of this flaw depends on the structure of\r\nthe suid-program and its signal handling. (CVE-2007-3848, Important)\r\n\r\n* A flaw was found in the CIFS file system. This could cause the umask\r\nvalues of a process to not be honored on CIFS file systems where UNIX\r\nextensions are supported. (CVE-2007-3740, Important)\r\n\r\n* A flaw was found in the VFAT compat ioctl handling on 64-bit systems. \r\nThis allowed a local user to corrupt a kernel_dirent struct and cause a\r\ndenial of service. (CVE-2007-2878, Important) \r\n\r\n* A flaw was found in the Advanced Linux Sound Architecture (ALSA). A local\r\nuser who had the ability to read the /proc/driver/snd-page-alloc file could\r\nsee portions of kernel memory. (CVE-2007-4571, Moderate) \r\n\r\n* A flaw was found in the aacraid SCSI driver. This allowed a local user to\r\nmake ioctl calls to the driver that should be restricted to privileged\r\nusers. (CVE-2007-4308, Moderate) \r\n\r\n* A flaw was found in the stack expansion when using the hugetlb kernel on\r\nPowerPC systems. This allowed a local user to cause a denial of service.\r\n(CVE-2007-3739, Moderate) \r\n\r\n* A flaw was found in the handling of zombie processes. A local user could\r\ncreate processes that would not be properly reaped which could lead to a\r\ndenial of service. (CVE-2006-6921, Moderate)\r\n\r\n* A flaw was found in the CIFS file system handling. The mount option\r\n\"sec=\" did not enable integrity checking or produce an error message if\r\nused. (CVE-2007-3843, Low)\r\n\r\n* A flaw was found in the random number generator implementation that\r\nallowed a local user to cause a denial of service or possibly gain\r\nprivileges. This flaw could be exploited if the root user raised the\r\ndefault wakeup threshold over the size of the output pool.\r\n(CVE-2007-3105, Low)\r\n\r\nAdditionally, the following bugs were fixed:\r\n\r\n* A flaw was found in the kernel netpoll code, creating a potential\r\ndeadlock condition. If the xmit_lock for a given network interface is\r\nheld, and a subsequent netpoll event is generated from within the lock\r\nowning context (a console message for example), deadlock on that cpu will\r\nresult, because the netpoll code will attempt to re-acquire the xmit_lock.\r\n The fix is to, in the netpoll code, only attempt to take the lock, and\r\nfail if it is already acquired (rather than block on it), and queue the\r\nmessage to be sent for later delivery. Any user of netpoll code in the\r\nkernel (netdump or netconsole services), is exposed to this problem, and\r\nshould resolve the issue by upgrading to this kernel release immediately.\r\n\r\n* A flaw was found where, under 64-bit mode (x86_64), AMD processors were\r\nnot able to address greater than a 40-bit physical address space; and Intel\r\nprocessors were only able to address up to a 36-bit physical address space. \r\nThe fix is to increase the physical addressing for an AMD processor to 48\r\nbits, and an Intel processor to 38 bits. Please see the Red Hat\r\nKnowledgebase for more detailed information.\r\n\r\n* A flaw was found in the xenU kernel that may prevent a paravirtualized\r\nguest with more than one CPU from starting when running under an Enterprise\r\nLinux 5.1 hypervisor. The fix is to allow your Enterprise Linux 4 Xen SMP\r\nguests to boot under a 5.1 hypervisor. Please see the Red Hat Knowledgebase\r\nfor more detailed information.\r\n \r\nRed Hat Enterprise Linux 4 users are advised to upgrade to these updated\r\npackages, which contain backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026396.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026397.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026398.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026399.html\n\n**Affected packages:**\nkernel\nkernel-devel\nkernel-doc\nkernel-hugemem\nkernel-hugemem-devel\nkernel-largesmp\nkernel-largesmp-devel\nkernel-smp\nkernel-smp-devel\nkernel-xenU\nkernel-xenU-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0939.html", "edition": 4, "modified": "2007-11-04T01:49:18", "published": "2007-11-03T02:32:41", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/026396.html", "id": "CESA-2007:0939", "title": "kernel security update", "type": "centos", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:25:26", "bulletinFamily": "unix", "cvelist": ["CVE-2007-1353", "CVE-2006-7203", "CVE-2007-2453", "CVE-2007-2525"], "description": "**CentOS Errata and Security Advisory** CESA-2007:0376\n\n\nThe Linux kernel handles the basic functions of the operating system.\r\n\r\nThese new kernel packages contain fixes for the following security issues:\r\n\r\n* a flaw in the mount handling routine for 64-bit systems that allowed a\r\nlocal user to cause denial of service (CVE-2006-7203, Important).\r\n\r\n* a flaw in the PPP over Ethernet implementation that allowed a remote user\r\nto cause a denial of service (CVE-2007-2525, Important).\r\n\r\n* a flaw in the Bluetooth subsystem that allowed a local user to trigger an\r\ninformation leak (CVE-2007-1353, Low).\r\n\r\n* a bug in the random number generator that prevented the manual seeding of\r\nthe entropy pool (CVE-2007-2453, Low).\r\n\r\nIn addition to the security issues described above, fixes for the following\r\nhave been included:\r\n\r\n* a race condition between ext3_link/unlink that could create an orphan\r\ninode list corruption.\r\n\r\n* a bug in the e1000 driver that could lead to a watchdog timeout panic.\r\n\r\nRed Hat Enterprise Linux 5 users are advised to upgrade to these packages,\r\nwhich contain backported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/025977.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-June/025978.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0376.html", "edition": 3, "modified": "2007-06-15T23:44:49", "published": "2007-06-15T23:44:48", "href": "http://lists.centos.org/pipermail/centos-announce/2007-June/025978.html", "id": "CESA-2007:0376", "title": "kernel security update", "type": "centos", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:34", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4538", "CVE-2007-2172", "CVE-2007-3739", "CVE-2007-3848", "CVE-2007-4308"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\r\noperating system. \r\n\r\nA flaw was found in the handling of process death signals. This allowed a\r\nlocal user to send arbitrary signals to the suid-process executed by that\r\nuser. A successful exploitation of this flaw depends on the structure of\r\nthe suid-program and its signal handling. (CVE-2007-3848, Important)\r\n\r\nA flaw was found in the IPv4 forwarding base. This allowed a local user to\r\ncause a denial of service. (CVE-2007-2172, Important) \r\n\r\nA flaw was found where a corrupted executable file could cause cross-region\r\nmemory mappings on Itanium systems. This allowed a local user to cause a\r\ndenial of service. (CVE-2006-4538, Moderate) \r\n\r\nA flaw was found in the stack expansion when using the hugetlb kernel on\r\nPowerPC systems. This allowed a local user to cause a denial of service.\r\n(CVE-2007-3739, Moderate) \r\n\r\nA flaw was found in the aacraid SCSI driver. This allowed a local user to\r\nmake ioctl calls to the driver that should be restricted to privileged\r\nusers. (CVE-2007-4308, Moderate) \r\n\r\nAs well, these updated packages fix the following bug:\r\n\r\n* a bug in the TCP header prediction code may have caused \"TCP: Treason\r\nuncloaked!\" messages to be logged. In certain situations this may have lead\r\nto TCP connections hanging or aborting.\r\n\r\nRed Hat Enterprise Linux 3 users are advised to upgrade to these updated\r\npackages, which contain backported patches to resolve these issues.", "modified": "2017-07-28T18:44:09", "published": "2007-12-03T05:00:00", "id": "RHSA-2007:1049", "href": "https://access.redhat.com/errata/RHSA-2007:1049", "type": "redhat", "title": "(RHSA-2007:1049) Important: kernel security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:44:49", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4814", "CVE-2007-2172", "CVE-2007-3848", "CVE-2007-4308", "CVE-2007-6063", "CVE-2007-6151", "CVE-2007-6206", "CVE-2008-0007", "CVE-2008-2136", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a flaw was found in the IPv4 forwarding base. This could allow a local,\nunprivileged user to cause a denial of service. (CVE-2007-2172,\nImportant)\n\n* a flaw was found in the handling of process death signals. This allowed a\nlocal, unprivileged user to send arbitrary signals to the suid-process\nexecuted by that user. Successful exploitation of this flaw depends on the\nstructure of the suid-program and its signal handling. (CVE-2007-3848,\nImportant)\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A local,\nunprivileged user could use this flaw to gain read or write access to\narbitrary kernel memory, or possibly cause a denial of service.\n(CVE-2008-0007, Important)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a local,\nunprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could\nallow a local, unprivileged user to bypass intended capability\nrestrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or\nftruncate(). This could allow a local, unprivileged user to acquire the\nprivileges of a different group and obtain access to sensitive information.\n(CVE-2008-4210, Important)\n\n* a race condition in the mincore system core allowed a local, unprivileged\nuser to cause a denial of service. (CVE-2006-4814, Moderate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local,\nunprivileged user to make ioctl calls to the driver which should otherwise\nbe restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use these flaws\nto cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a local,\nunprivileged user could make a root-owned process dump a core file into a\nuser-writable directory, the user could gain read access to that core file,\npotentially compromising sensitive information. (CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to attempt file\ncreation within deleted directories, possibly causing a denial of service.\n(CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 32-bit architectures should\nupgrade to these updated packages which address these vulnerabilities. For\nthis update to take effect, the system must be rebooted.", "modified": "2018-03-14T19:26:15", "published": "2009-01-08T05:00:00", "id": "RHSA-2009:0001", "href": "https://access.redhat.com/errata/RHSA-2009:0001", "type": "redhat", "title": "(RHSA-2009:0001) Important: kernel security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:34", "bulletinFamily": "unix", "cvelist": ["CVE-2006-4538", "CVE-2006-4814", "CVE-2007-2172", "CVE-2007-3848", "CVE-2007-4308", "CVE-2007-6063", "CVE-2007-6151", "CVE-2007-6206", "CVE-2008-0007", "CVE-2008-2136", "CVE-2008-3275", "CVE-2008-3525", "CVE-2008-4210"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a flaw was found in the IPv4 forwarding base that allowed a local,\nunprivileged user to cause an out-of-bounds access. (CVE-2007-2172,\nImportant)\n\n* a flaw was found in the handling of process death signals. This allowed a\nlocal, unprivileged user to send arbitrary signals to the suid-process\nexecuted by that user. Successful exploitation of this flaw depended on the\nstructure of the suid-program and its signal handling. (CVE-2007-3848,\nImportant)\n\n* when accessing kernel memory locations, certain Linux kernel drivers\nregistering a fault handler did not perform required range checks. A local,\nunprivileged user could use this flaw to gain read or write access to\narbitrary kernel memory, or possibly cause a kernel crash. (CVE-2008-0007,\nImportant)\n\n* a possible kernel memory leak was found in the Linux kernel Simple\nInternet Transition (SIT) INET6 implementation. This could allow a local,\nunprivileged user to cause a denial of service. (CVE-2008-2136, Important)\n\n* missing capability checks were found in the SBNI WAN driver which could\nallow a local, unprivileged user to bypass intended capability\nrestrictions. (CVE-2008-3525, Important)\n\n* a flaw was found in the way files were written using truncate() or\nftruncate(). This could allow a local, unprivileged user to acquire the\nprivileges of a different group and obtain access to sensitive information.\n(CVE-2008-4210, Important)\n\n* a flaw was found in the ELF handling on Itanium-based systems. This\ntriggered a cross-region memory-mapping and allowed a local, unprivileged\nuser to cause a local denial of service. (CVE-2006-4538, Moderate)\n\n* a race condition in the mincore system core allowed a local, unprivileged\nuser to cause a local denial of service (system hang). (CVE-2006-4814,\nModerate)\n\n* a flaw was found in the aacraid SCSI driver. This allowed a local,\nunprivileged user to make ioctl calls to the driver which should otherwise\nbe restricted to privileged users. (CVE-2007-4308, Moderate)\n\n* two buffer overflow flaws were found in the Integrated Services Digital\nNetwork (ISDN) subsystem. A local, unprivileged user could use these flaws\nto cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate)\n\n* a flaw was found in the way core dump files were created. If a local,\nunprivileged user could make a root-owned process dump a core file into a\nuser-writable directory, the user could gain read access to that core file,\npotentially compromising sensitive information. (CVE-2007-6206, Moderate)\n\n* a deficiency was found in the Linux kernel virtual file system (VFS)\nimplementation. This could allow a local, unprivileged user to attempt file\ncreation within deleted directories, possibly causing a local denial of\nservice. (CVE-2008-3275, Moderate)\n\nAll users of Red Hat Enterprise Linux 2.1 on 64-bit architectures should\nupgrade to these updated packages, which contain backported patches to\nresolve these issues.", "modified": "2018-03-14T19:25:37", "published": "2009-01-05T05:00:00", "id": "RHSA-2008:0787", "href": "https://access.redhat.com/errata/RHSA-2008:0787", "type": "redhat", "title": "(RHSA-2008:0787) Important: kernel security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:55", "bulletinFamily": "unix", "cvelist": ["CVE-2006-6921", "CVE-2007-2878", "CVE-2007-3105", "CVE-2007-3739", "CVE-2007-3740", "CVE-2007-3843", "CVE-2007-3848", "CVE-2007-4308", "CVE-2007-4571"], "description": "The Linux kernel is the core of the operating system.\r\n\r\nThese updated kernel packages contain fixes for the following security\r\nissues:\r\n\r\n* A flaw was found in the handling of process death signals. This allowed a\r\nlocal user to send arbitrary signals to the suid-process executed by that\r\nuser. A successful exploitation of this flaw depends on the structure of\r\nthe suid-program and its signal handling. (CVE-2007-3848, Important)\r\n\r\n* A flaw was found in the CIFS file system. This could cause the umask\r\nvalues of a process to not be honored on CIFS file systems where UNIX\r\nextensions are supported. (CVE-2007-3740, Important)\r\n\r\n* A flaw was found in the VFAT compat ioctl handling on 64-bit systems. \r\nThis allowed a local user to corrupt a kernel_dirent struct and cause a\r\ndenial of service. (CVE-2007-2878, Important) \r\n\r\n* A flaw was found in the Advanced Linux Sound Architecture (ALSA). A local\r\nuser who had the ability to read the /proc/driver/snd-page-alloc file could\r\nsee portions of kernel memory. (CVE-2007-4571, Moderate) \r\n\r\n* A flaw was found in the aacraid SCSI driver. This allowed a local user to\r\nmake ioctl calls to the driver that should be restricted to privileged\r\nusers. (CVE-2007-4308, Moderate) \r\n\r\n* A flaw was found in the stack expansion when using the hugetlb kernel on\r\nPowerPC systems. This allowed a local user to cause a denial of service.\r\n(CVE-2007-3739, Moderate) \r\n\r\n* A flaw was found in the handling of zombie processes. A local user could\r\ncreate processes that would not be properly reaped which could lead to a\r\ndenial of service. (CVE-2006-6921, Moderate)\r\n\r\n* A flaw was found in the CIFS file system handling. The mount option\r\n\"sec=\" did not enable integrity checking or produce an error message if\r\nused. (CVE-2007-3843, Low)\r\n\r\n* A flaw was found in the random number generator implementation that\r\nallowed a local user to cause a denial of service or possibly gain\r\nprivileges. This flaw could be exploited if the root user raised the\r\ndefault wakeup threshold over the size of the output pool.\r\n(CVE-2007-3105, Low)\r\n\r\nAdditionally, the following bugs were fixed:\r\n\r\n* A flaw was found in the kernel netpoll code, creating a potential\r\ndeadlock condition. If the xmit_lock for a given network interface is\r\nheld, and a subsequent netpoll event is generated from within the lock\r\nowning context (a console message for example), deadlock on that cpu will\r\nresult, because the netpoll code will attempt to re-acquire the xmit_lock.\r\n The fix is to, in the netpoll code, only attempt to take the lock, and\r\nfail if it is already acquired (rather than block on it), and queue the\r\nmessage to be sent for later delivery. Any user of netpoll code in the\r\nkernel (netdump or netconsole services), is exposed to this problem, and\r\nshould resolve the issue by upgrading to this kernel release immediately.\r\n\r\n* A flaw was found where, under 64-bit mode (x86_64), AMD processors were\r\nnot able to address greater than a 40-bit physical address space; and Intel\r\nprocessors were only able to address up to a 36-bit physical address space. \r\nThe fix is to increase the physical addressing for an AMD processor to 48\r\nbits, and an Intel processor to 38 bits. Please see the Red Hat\r\nKnowledgebase for more detailed information.\r\n\r\n* A flaw was found in the xenU kernel that may prevent a paravirtualized\r\nguest with more than one CPU from starting when running under an Enterprise\r\nLinux 5.1 hypervisor. The fix is to allow your Enterprise Linux 4 Xen SMP\r\nguests to boot under a 5.1 hypervisor. Please see the Red Hat Knowledgebase\r\nfor more detailed information.\r\n \r\nRed Hat Enterprise Linux 4 users are advised to upgrade to these updated\r\npackages, which contain backported patches to correct these issues.", "modified": "2017-09-08T11:48:49", "published": "2007-11-01T04:00:00", "id": "RHSA-2007:0939", "href": "https://access.redhat.com/errata/RHSA-2007:0939", "type": "redhat", "title": "(RHSA-2007:0939) Important: kernel security update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:45:17", "bulletinFamily": "unix", "cvelist": ["CVE-2006-7203", "CVE-2007-1353", "CVE-2007-2453", "CVE-2007-2525"], "description": "The Linux kernel handles the basic functions of the operating system.\r\n\r\nThese new kernel packages contain fixes for the following security issues:\r\n\r\n* a flaw in the mount handling routine for 64-bit systems that allowed a\r\nlocal user to cause denial of service (CVE-2006-7203, Important).\r\n\r\n* a flaw in the PPP over Ethernet implementation that allowed a remote user\r\nto cause a denial of service (CVE-2007-2525, Important).\r\n\r\n* a flaw in the Bluetooth subsystem that allowed a local user to trigger an\r\ninformation leak (CVE-2007-1353, Low).\r\n\r\n* a bug in the random number generator that prevented the manual seeding of\r\nthe entropy pool (CVE-2007-2453, Low).\r\n\r\nIn addition to the security issues described above, fixes for the following\r\nhave been included:\r\n\r\n* a race condition between ext3_link/unlink that could create an orphan\r\ninode list corruption.\r\n\r\n* a bug in the e1000 driver that could lead to a watchdog timeout panic.\r\n\r\nRed Hat Enterprise Linux 5 users are advised to upgrade to these packages,\r\nwhich contain backported patches to correct these issues.", "modified": "2017-09-08T11:56:07", "published": "2007-06-14T04:00:00", "id": "RHSA-2007:0376", "href": "https://access.redhat.com/errata/RHSA-2007:0376", "type": "redhat", "title": "(RHSA-2007:0376) Important: kernel security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:57:34", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5904", "CVE-2007-3848", "CVE-2007-6151", "CVE-2007-4308", "CVE-2008-0007"], "description": "The Linux kernel was updated for SUSE Linux Enterprise Server 9 SP4, Novell Linux Desktop 9, and Open Enterprise Server and fixes the following security problems:\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2008-03-28T14:11:32", "published": "2008-03-28T14:11:32", "id": "SUSE-SA:2008:017", "href": "http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00007.html", "type": "suse", "title": "remote denial of service in kernel", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "f5": [{"lastseen": "2016-09-26T17:22:50", "bulletinFamily": "software", "cvelist": ["CVE-2007-3740"], "edition": 1, "description": "A flaw in the CIFS filesystem could cause the umask values of a process to not be honored.\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3740>\n", "modified": "2013-03-18T00:00:00", "published": "2008-06-30T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/8000/900/sol8921.html", "id": "SOL8921", "title": "SOL8921 - Linux kernel vulnerability CVE-2007-3740", "type": "f5", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:04", "bulletinFamily": "software", "cvelist": ["CVE-2007-3739"], "edition": 1, "description": "A flaw in the stack expansion when using the hugetlb kernel on a PowerPC system allows a local user to cause a denial of service.\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3739>\n\n**Note**: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge.\n", "modified": "2013-03-18T00:00:00", "published": "2008-06-30T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/8000/900/sol8922.html", "id": "SOL8922", "title": "SOL8922 - Linux kernel vulnerability CVE-2007-3739", "type": "f5", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:26", "bulletinFamily": "software", "cvelist": ["CVE-2007-4573"], "edition": 1, "description": "", "modified": "2016-01-09T02:30:00", "published": "2007-12-21T03:00:00", "href": "https://support.f5.com/csp/article/K8171", "id": "F5:K8171", "title": "Linux kernel IA32 System Call vulnerability - CVE-2007-4573", "type": "f5", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:20", "bulletinFamily": "software", "cvelist": ["CVE-2007-4573"], "edition": 1, "description": "**Vulnerability description**\n\nThis security advisory describes a vulnerability in the Linux kernel which may allow local users to gain elevated privileges using the IA32 system call emulation functionality on 64-bit platforms.\n\nInformation about this advisory is available at the following location:\n\n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4573>\n", "modified": "2013-03-19T00:00:00", "published": "2007-12-20T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/8000/100/sol8171.html", "id": "SOL8171", "title": "SOL8171 - Linux kernel IA32 System Call vulnerability - CVE-2007-4573", "type": "f5", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:28:01", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6417", "CVE-2008-0001", "CVE-2007-4133", "CVE-2007-6151", "CVE-2006-7229", "CVE-2007-5093", "CVE-2007-4997", "CVE-2007-6206", "CVE-2006-6058", "CVE-2007-6063", "CVE-2007-5500"], "description": "The minix filesystem did not properly validate certain filesystem \nvalues. If a local attacker could trick the system into attempting \nto mount a corrupted minix filesystem, the kernel could be made to \nhang for long periods of time, resulting in a denial of service. \n(CVE-2006-6058)\n\nAlexander Schulze discovered that the skge driver does not properly \nuse the spin_lock and spin_unlock functions. Remote attackers could \nexploit this by sending a flood of network traffic and cause a denial \nof service (crash). (CVE-2006-7229)\n\nHugh Dickins discovered that hugetlbfs performed certain prio_tree \ncalculations using HPAGE_SIZE instead of PAGE_SIZE. A local user \ncould exploit this and cause a denial of service via kernel panic. \n(CVE-2007-4133)\n\nChris Evans discovered an issue with certain drivers that use the \nieee80211_rx function. Remote attackers could send a crafted 802.11 \nframe and cause a denial of service via crash. (CVE-2007-4997)\n\nAlex Smith discovered an issue with the pwc driver for certain webcam \ndevices. A local user with physical access to the system could remove \nthe device while a userspace application had it open and cause the USB \nsubsystem to block. (CVE-2007-5093)\n\nScott James Remnant discovered a coding error in ptrace. Local users \ncould exploit this and cause the kernel to enter an infinite loop. \n(CVE-2007-5500)\n\nVenustech AD-LAB discovered a buffer overflow in the isdn net \nsubsystem. This issue is exploitable by local users via crafted input \nto the isdn_ioctl function. (CVE-2007-6063)\n\nIt was discovered that the isdn subsystem did not properly check for \nNULL termination when performing ioctl handling. A local user could \nexploit this to cause a denial of service. (CVE-2007-6151)\n\nBlake Frantz discovered that when a root process overwrote an existing \ncore file, the resulting core file retained the previous core file's \nownership. Local users could exploit this to gain access to sensitive \ninformation. (CVE-2007-6206)\n\nHugh Dickins discovered the when using the tmpfs filesystem, under \nrare circumstances, a kernel page may be improperly cleared. A local \nuser may be able to exploit this and read sensitive kernel data or \ncause a denial of service via crash. (CVE-2007-6417)\n\nBill Roman discovered that the VFS subsystem did not properly check \naccess modes. A local user may be able to gain removal privileges \non directories. (CVE-2008-0001)", "edition": 5, "modified": "2008-02-14T00:00:00", "published": "2008-02-14T00:00:00", "id": "USN-578-1", "href": "https://ubuntu.com/security/notices/USN-578-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:27:06", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4573", "CVE-2007-3739", "CVE-2007-3731", "CVE-2007-3740"], "description": "Evan Teran discovered that the Linux kernel ptrace routines did not \ncorrectly handle certain requests robustly. Local attackers could exploit \nthis to crash the system, causing a denial of service. (CVE-2007-3731)\n\nIt was discovered that hugetlb kernels on PowerPC systems did not prevent \nthe stack from colliding with reserved kernel memory. Local attackers \ncould exploit this and crash the system, causing a denial of service. \n(CVE-2007-3739)\n\nIt was discovered that certain CIFS filesystem actions did not honor \nthe umask of a process. Local attackers could exploit this to gain \nadditional privileges. (CVE-2007-3740)\n\nWojciech Purczynski discovered that the Linux kernel ia32 syscall \nemulation in x86_64 kernels did not correctly clear the high bits of \nregisters. Local attackers could exploit this to gain root privileges. \n(CVE-2007-4573)", "edition": 5, "modified": "2007-09-25T00:00:00", "published": "2007-09-25T00:00:00", "id": "USN-518-1", "href": "https://ubuntu.com/security/notices/USN-518-1", "title": "linux-source-2.6.15, linux-source-2.6.17, linux-source-2.6.20 vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}