{"nessus": [{"lastseen": "2023-01-11T15:01:10", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-4307 Bryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n - CVE-2008-5395 Helge Deller discovered a denial of service condition that allows local users on PA-RISC to crash the system by attempting to unwind a stack containing userspace addresses.\n\n - CVE-2008-5701 Vlad Malov reported an issue on 64-bit MIPS where a local user could cause a system crash by crafting a malicious binary which makes o32 syscalls with a number less than 4000.\n\n - CVE-2008-5702 Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2008-5713 Flavio Leitner discovered that a local user can cause a denial of service by generating large amounts of traffic on a large SMP system, resulting in soft lockups.\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all available kernel memory.\n\n - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1336 Trond Myklebust reported an issue in the encode_lookup() function in the nfs server subsystem that allows local users to cause a denial of service (oops in encode_lookup()) by use of a long filename.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-11T00:00:00", "type": "nessus", "title": "Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-5395", "CVE-2008-5701", "CVE-2008-5702", "CVE-2008-5713", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0859", "CVE-2009-1192", "CVE-2009-1265", "CVE-2009-1336", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1794.NASL", "href": "https://www.tenable.com/plugins/nessus/38722", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1794. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38722);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5395\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2008-5713\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1192\", \"CVE-2009-1265\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n script_bugtraq_id(33113, 33846, 33951, 34020, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1794\");\n\n script_name(english:\"Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to denial of service, privilege escalation, or information\nleak. The Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2008-4307\n Bryn M. Reeves reported a denial of service in the NFS\n filesystem. Local users can trigger a kernel BUG() due\n to a race condition in the do_setlk function.\n\n - CVE-2008-5395\n Helge Deller discovered a denial of service condition\n that allows local users on PA-RISC to crash the system\n by attempting to unwind a stack containing userspace\n addresses.\n\n - CVE-2008-5701\n Vlad Malov reported an issue on 64-bit MIPS where a\n local user could cause a system crash by crafting a\n malicious binary which makes o32 syscalls with a number\n less than 4000.\n\n - CVE-2008-5702\n Zvonimir Rakamaric reported an off-by-one error in the\n ib700wdt watchdog driver which allows local users to\n cause a buffer underflow by making a specially crafted\n WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2008-5713\n Flavio Leitner discovered that a local user can cause a\n denial of service by generating large amounts of traffic\n on a large SMP system, resulting in soft lockups.\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029\n Christian Borntraeger discovered an issue effecting the\n alpha, mips, powerpc, s390 and sparc64 architectures\n that allows local users to cause a denial of service or\n potentially gain elevated privileges.\n\n - CVE-2009-0031\n Vegard Nossum discovered a memory leak in the keyctl\n subsystem that allows local users to cause a denial of\n service by consuming all available kernel memory.\n\n - CVE-2009-0065\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users,\n permitting remote code execution.\n\n - CVE-2009-0322\n Pavel Roskin provided a fix for an issue in the dell_rbu\n driver that allows a local user to cause a denial of\n service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675\n Roel Kluin discovered inverted logic in the skfddi\n driver that permits local, unprivileged users to reset\n the driver statistics.\n\n - CVE-2009-0676\n Clement LECIGNE discovered a bug in the sock_getsockopt\n function that may result in leaking sensitive kernel\n memory.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem that\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1336\n Trond Myklebust reported an issue in the encode_lookup()\n function in the nfs server subsystem that allows local\n users to cause a denial of service (oops in\n encode_lookup()) by use of a long filename.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1794\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6, fai-kernels, and user-mode-linux packages.\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 2.6.18.dfsg.1-24etch2.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"fai-kernels\", reference:\"1.17+etch.24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-alpha\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-arm\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-hppa\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-i386\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-ia64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mips\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-mipsel\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-s390\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-all-sparc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-486\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-686-bigmem\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-generic\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-legacy\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-alpha-smp\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-footbridge\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-iop32x\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-itanium\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-ixp4xx\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-mckinley\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc-smp\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-parisc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-miboot\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-prep\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-qemu\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r3k-kn02\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-ip22\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r4k-kn04\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-cobalt\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-r5k-ip32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-rpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390-tape\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-s3c2410\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1-bcm91250a\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sb1a-bcm91480b\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc32\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-sparc64-smp\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-alpha\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-k7\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-powerpc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-s390x\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-vserver-sparc64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.18\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-modules-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.18-6\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.18\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"user-mode-linux\", reference:\"2.6.18-1um-2etch.24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-686\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-amd64\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-686\", reference:\"2.6.18.dfsg.1-24etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"xen-linux-system-2.6.18-6-xen-vserver-amd64\", reference:\"2.6.18.dfsg.1-24etch2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:01:35", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-4307 Bryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n - CVE-2008-5079 Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc.\n\n - CVE-2008-5395 Helge Deller discovered a denial of service condition that allows local users on PA-RISC systems to crash a system by attempting to unwind a stack containing userspace addresses.\n\n - CVE-2008-5700 Alan Cox discovered a lack of minimum timeouts on SG_IO requests, which allows local users of systems using ATA to cause a denial of service by forcing drives into PIO mode.\n\n - CVE-2008-5701 Vlad Malov reported an issue on 64-bit MIPS systems where a local user could cause a system crash by crafing a malicious binary which makes o32 syscalls with a number less than 4000.\n\n - CVE-2008-5702 Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all of kernel memory.\n\n - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n - CVE-2009-0269 Duane Griffin provided a fix for an issue in the eCryptfs subsystem which allows local users to cause a denial of service (fault or memory corruption).\n\n - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n - CVE-2009-0745 Peter Kerwien discovered an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) during a resize operation.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046 Mikulas Patocka reported an issue in the console subsystem that allows a local user to cause memory corruption by selecting a small number of 3-byte UTF-8 characters.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1242 Benjamin Gilbert reported a local denial of service vulnerability in the KVM VMX implementation that allows local users to trigger an oops.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1338 Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-04T00:00:00", "type": "nessus", "title": "Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-5079", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5701", "CVE-2008-5702", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0834", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1787.NASL", "href": "https://www.tenable.com/plugins/nessus/38668", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1787. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38668);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5079\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_bugtraq_id(32676, 33113, 33672, 33846, 33951, 34020, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1787\");\n\n script_name(english:\"Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-4307\n Bryn M. Reeves reported a denial of service in the NFS\n filesystem. Local users can trigger a kernel BUG() due\n to a race condition in the do_setlk function.\n\n - CVE-2008-5079\n Hugo Dias reported a DoS condition in the ATM subsystem\n that can be triggered by a local user by calling the\n svc_listen function twice on the same socket and reading\n /proc/net/atm/*vc.\n\n - CVE-2008-5395\n Helge Deller discovered a denial of service condition\n that allows local users on PA-RISC systems to crash a\n system by attempting to unwind a stack containing\n userspace addresses.\n\n - CVE-2008-5700\n Alan Cox discovered a lack of minimum timeouts on SG_IO\n requests, which allows local users of systems using ATA\n to cause a denial of service by forcing drives into PIO\n mode.\n\n - CVE-2008-5701\n Vlad Malov reported an issue on 64-bit MIPS systems\n where a local user could cause a system crash by crafing\n a malicious binary which makes o32 syscalls with a\n number less than 4000.\n\n - CVE-2008-5702\n Zvonimir Rakamaric reported an off-by-one error in the\n ib700wdt watchdog driver which allows local users to\n cause a buffer underflow by making a specially crafted\n WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029\n Christian Borntraeger discovered an issue effecting the\n alpha, mips, powerpc, s390 and sparc64 architectures\n that allows local users to cause a denial of service or\n potentially gain elevated privileges.\n\n - CVE-2009-0031\n Vegard Nossum discovered a memory leak in the keyctl\n subsystem that allows local users to cause a denial of\n service by consuming all of kernel memory.\n\n - CVE-2009-0065\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users,\n permitting remote code execution.\n\n - CVE-2009-0269\n Duane Griffin provided a fix for an issue in the\n eCryptfs subsystem which allows local users to cause a\n denial of service (fault or memory corruption).\n\n - CVE-2009-0322\n Pavel Roskin provided a fix for an issue in the dell_rbu\n driver that allows a local user to cause a denial of\n service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675\n Roel Kluin discovered inverted logic in the skfddi\n driver that permits local, unprivileged users to reset\n the driver statistics.\n\n - CVE-2009-0676\n Clement LECIGNE discovered a bug in the sock_getsockopt\n function that may result in leaking sensitive kernel\n memory.\n\n - CVE-2009-0745\n Peter Kerwien discovered an issue in the ext4 filesystem\n that allows local users to cause a denial of service\n (kernel oops) during a resize operation.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046\n Mikulas Patocka reported an issue in the console\n subsystem that allows a local user to cause memory\n corruption by selecting a small number of 3-byte UTF-8\n characters.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem that\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1242\n Benjamin Gilbert reported a local denial of service\n vulnerability in the KVM VMX implementation that allows\n local users to trigger an oops.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1338\n Daniel Hokka Zakrisson discovered that a kill(-1) is\n permitted to reach processes outside of the current\n process namespace.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1787\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the oldstable distribution (etch), these problems have been fixed\nin version 2.6.24-6~etchnhalf.8etch1.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch' concludes.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, lower severity 2.6.18 and 2.6.24 updates will\ntypically release in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:54:18", "description": "NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. (CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service.\n(CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028)\n\nThe 64-bit syscall interfaces did not correctly handle sign extension.\nA local attacker could make malicious syscalls, possibly gaining root privileges. The x86_64 architecture was not affected. (CVE-2009-0029)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065)\n\nThe Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676)\n\nThe syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0065", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-54", "p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:fglrx-control", "p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:linux", "p-cpe:/a:canonical:ubuntu_linux:linux-386", "p-cpe:/a:canonical:ubuntu_linux:linux-686", "p-cpe:/a:canonical:ubuntu_linux:linux-686-smp", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-386", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-686", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-server", "p-cpe:/a:canonical:ubuntu_linux:linux-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-server", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common", "p-cpe:/a:canonical:ubuntu_linux:linux-server", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy", "p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev", "p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx", "p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts"], "id": "UBUNTU_USN-752-1.NASL", "href": "https://www.tenable.com/plugins/nessus/36418", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-752-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36418);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0065\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\");\n script_bugtraq_id(33113, 33846, 33948, 33951, 34020);\n script_xref(name:\"USN\", value:\"752-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NFS did not correctly handle races between fcntl and interrupts. A\nlocal attacker on an NFS mount could consume unlimited kernel memory,\nleading to a denial of service. (CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker\ncould cause a system panic, leading to a denial of service.\n(CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to\nparent processes, crossing privilege boundaries. A local attacker\ncould send arbitrary signals to parent processes, leading to a denial\nof service. (CVE-2009-0028)\n\nThe 64-bit syscall interfaces did not correctly handle sign extension.\nA local attacker could make malicious syscalls, possibly gaining root\nprivileges. The x86_64 architecture was not affected. (CVE-2009-0029)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A\nremote attacker could send specially crafted SCTP traffic causing a\nsystem crash, leading to a denial of service. (CVE-2009-0065)\n\nThe Dell platform device did not correctly validate user parameters. A\nlocal attacker could perform specially crafted reads to crash the\nsystem, leading to a denial of service. (CVE-2009-0322)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not\ncheck capabilities. A local user could reset statistics, potentially\ninterfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A\nlocal attacker could read leaked kernel memory, leading to a loss of\nprivacy. (CVE-2009-0676)\n\nThe syscall interface did not correctly validate parameters when\ncrossing the 64-bit/32-bit boundary. A local attacker could bypass\ncertain syscall restricts via crafted syscalls. (CVE-2009-0834,\nCVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl\ncalls when CONFIG_SHMEM was disabled. Ubuntu kernels were not\nvulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/752-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-54\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-control\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-686-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0065\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-752-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-firmware\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-firmware-2.6.15-54\", pkgver:\"3.11+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"avm-fritz-kernel-source\", pkgver:\"3.11+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-control\", pkgver:\"8.25.18+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"fglrx-kernel-source\", pkgver:\"8.25.18+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-686-smp\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-k8-smp\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-386\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-686\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-2.6.15-54-server\", pkgver:\"2.6.15-54.12\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-backports-modules-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-386\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-686\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-386\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-686\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-server\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-386\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-686\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-amd64-generic\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-amd64-k8\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-386\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-686\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-amd64-generic\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-amd64-k8\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-amd64-xeon\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-restricted-modules-common\", pkgver:\"2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-server\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source\", pkgver:\"2.6.15.55\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-54.76\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx\", pkgver:\"1.0.8776+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-dev\", pkgver:\"1.0.8776+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy\", pkgver:\"1.0.7174+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-glx-legacy-dev\", pkgver:\"1.0.7174+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-kernel-source\", pkgver:\"1.0.8776+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"nvidia-legacy-kernel-source\", pkgver:\"1.0.7174+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx\", pkgver:\"7.0.0-8.25.18+2.6.15.12-54.5\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"xorg-driver-fglrx-dev\", pkgver:\"7.0.0-8.25.18+2.6.15.12-54.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"avm-fritz-firmware / avm-fritz-firmware-2.6.15-54 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:03:25", "description": "This kernel update for openSUSE 10.3 fixes some bugs and several security problems.\n\nThe following security issues are fixed: A local denial of service problem in the splice(2) system call.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness).\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c in the Linux kernel does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.\n\nSome other non-security bugs were fixed, please see the RPM changelog.", "cvss3": {}, "published": "2009-06-09T00:00:00", "type": "nessus", "title": "openSUSE 10 Security Update : kernel (kernel-6274)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4554", "CVE-2008-5702", "CVE-2009-0028", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-bigsmp", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xenpae", "cpe:/o:novell:opensuse:10.3"], "id": "SUSE_KERNEL-6274.NASL", "href": "https://www.tenable.com/plugins/nessus/39335", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-6274.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39335);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4554\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n\n script_name(english:\"openSUSE 10 Security Update : kernel (kernel-6274)\");\n script_summary(english:\"Check for the kernel-6274 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for openSUSE 10.3 fixes some bugs and several\nsecurity problems.\n\nThe following security issues are fixed: A local denial of service\nproblem in the splice(2) system call.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on\nthe x86_64 platform did not properly handle (1) a 32-bit process\nmaking a 64-bit syscall or (2) a 64-bit process making a 32-bit\nsyscall, which allows local users to bypass certain syscall audit\nconfigurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD\ncapability before handling a user request in a thread, which allows\nlocal users to create device nodes, as demonstrated on a filesystem\nthat has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in\nthe seccomp subsystem in the Linux kernel on the x86_64 platform, when\nCONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit\nprocess making a 64-bit syscall or (2) a 64-bit process making a\n32-bit syscall, which allows local users to bypass intended access\nrestrictions via crafted syscalls that are misinterpreted as (a) stat\nor (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the\nLinux kernel 2.6.29 and earlier allows remote attackers to cause a\ndenial of service (crash) or potential code execution via a long\nnativeFileSystem field in a Tree Connect response to an SMB mount\nrequest.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux\nkernel did not restrict exit signals when the CAP_KILL capability is\nheld, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm\nsubsystem in the Linux kernel, when CONFIG_SHMEM is disabled,\nmisinterprets the data type of an inode, which allows local users to\ncause a denial of service (system hang) via an SHM_INFO shmctl call,\nas demonstrated by running the ipcs program. (SUSE is enabling\nCONFIG_SHMEM, so is by default not affected, the fix is just for\ncompleteness).\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\nthe Linux kernel might allow attackers to obtain sensitive information\nvia a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local\nusers to send arbitrary signals to a parent process from an\nunprivileged child process by launching an additional child process\nwith the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the\nLinux kernel does not initialize a certain structure member, which\nallows local users to obtain potentially sensitive information from\nkernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows\nlocal users to cause a denial of service (system crash) via a read\nsystem call that specifies zero bytes from the (1) image_type or (2)\npacket_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the\nLinux kernel allows local users to cause a denial of service (fault or\nmemory corruption), or possibly have unspecified other impact, via a\nreadlink call that results in an error, leading to use of a -1 return\nvalue as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the\nStream Control Transmission Protocol (sctp) implementation in the\nLinux kernel allows remote attackers to have an unknown impact via an\nFWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nCVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in\ndrivers/watchdog/ib700wdt.c in the Linux kernel might allow local\nusers to have an unknown impact via a certain /dev/watchdog\nWDIOC_SETTIMEOUT IOCTL call.\n\nCVE-2008-4554: The do_splice_from function in fs/splice.c in the Linux\nkernel does not reject file descriptors that have the O_APPEND flag\nset, which allows local users to bypass append mode and make arbitrary\nchanges to other locations in the file.\n\nSome other non-security bugs were fixed, please see the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xenpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-bigsmp-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-debug-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-default-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-source-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-syms-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xen-2.6.22.19-0.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kernel-xenpae-2.6.22.19-0.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-bigsmp / kernel-debug / kernel-default / kernel-source / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:06:35", "description": "This kernel update for openSUSE 11.0 fixes some bugs and several security problems.\n\nThe following security issues are fixed: A local denial of service problem in the splice(2) system call.\n\nCVE-2009-1630: The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness).\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an 'inverted logic' issue.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nSome other non-security bugs were fixed, please see the RPM changelog.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-951)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0028", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439", "CVE-2009-1630"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:acerhk-kmp-debug", "p-cpe:/a:novell:opensuse:acx-kmp-debug", "p-cpe:/a:novell:opensuse:appleir-kmp-debug", "p-cpe:/a:novell:opensuse:at76_usb-kmp-debug", "p-cpe:/a:novell:opensuse:atl2-kmp-debug", "p-cpe:/a:novell:opensuse:aufs-kmp-debug", "p-cpe:/a:novell:opensuse:dazuko-kmp-debug", "p-cpe:/a:novell:opensuse:drbd-kmp-debug", "p-cpe:/a:novell:opensuse:gspcav-kmp-debug", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug", "p-cpe:/a:novell:opensuse:ivtv-kmp-debug", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kqemu-kmp-debug", "p-cpe:/a:novell:opensuse:nouveau-kmp-debug", "p-cpe:/a:novell:opensuse:omnibook-kmp-debug", "p-cpe:/a:novell:opensuse:pcc-acpi-kmp-debug", "p-cpe:/a:novell:opensuse:pcfclock-kmp-debug", "p-cpe:/a:novell:opensuse:tpctl-kmp-debug", "p-cpe:/a:novell:opensuse:uvcvideo-kmp-debug", "p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug", "p-cpe:/a:novell:opensuse:vmware-kmp-debug", "p-cpe:/a:novell:opensuse:wlan-ng-kmp-debug", "cpe:/o:novell:opensuse:11.0"], "id": "SUSE_11_0_KERNEL-090602.NASL", "href": "https://www.tenable.com/plugins/nessus/40012", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-951.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40012);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\", \"CVE-2009-1630\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-951)\");\n script_summary(english:\"Check for the kernel-951 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for openSUSE 11.0 fixes some bugs and several\nsecurity problems.\n\nThe following security issues are fixed: A local denial of service\nproblem in the splice(2) system call.\n\nCVE-2009-1630: The nfs_permission function in fs/nfs/dir.c in the NFS\nclient implementation in the Linux kernel when atomic_open is\navailable, does not check execute (aka EXEC or MAY_EXEC) permission\nbits, which allows local users to bypass permissions and execute\nfiles, as demonstrated by files on an NFSv4 fileserver.\n\nCVE-2009-0834: The audit_syscall_entry function in the Linux kernel on\nthe x86_64 platform did not properly handle (1) a 32-bit process\nmaking a 64-bit syscall or (2) a 64-bit process making a 32-bit\nsyscall, which allows local users to bypass certain syscall audit\nconfigurations via crafted syscalls.\n\nCVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD\ncapability before handling a user request in a thread, which allows\nlocal users to create device nodes, as demonstrated on a filesystem\nthat has been exported with the root_squash option.\n\nCVE-2009-0835 The __secure_computing function in kernel/seccomp.c in\nthe seccomp subsystem in the Linux kernel on the x86_64 platform, when\nCONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit\nprocess making a 64-bit syscall or (2) a 64-bit process making a\n32-bit syscall, which allows local users to bypass intended access\nrestrictions via crafted syscalls that are misinterpreted as (a) stat\nor (b) chmod.\n\nCVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the\nLinux kernel 2.6.29 and earlier allows remote attackers to cause a\ndenial of service (crash) or potential code execution via a long\nnativeFileSystem field in a Tree Connect response to an SMB mount\nrequest.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux\nkernel did not restrict exit signals when the CAP_KILL capability is\nheld, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n\nCVE-2009-0859: The shm_get_stat function in ipc/shm.c in the shm\nsubsystem in the Linux kernel, when CONFIG_SHMEM is disabled,\nmisinterprets the data type of an inode, which allows local users to\ncause a denial of service (system hang) via an SHM_INFO shmctl call,\nas demonstrated by running the ipcs program. (SUSE is enabling\nCONFIG_SHMEM, so is by default not affected, the fix is just for\ncompleteness).\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the\nVMX implementation in the KVM subsystem in the Linux kernel on the\ni386 platform allows guest OS users to cause a denial of service\n(OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the\nExtended Feature Enable Register (EFER) model-specific register, which\nis specific to the x86_64 platform.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\nthe Linux kernel might allow attackers to obtain sensitive information\nvia a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-0028: The clone system call in the Linux kernel allows local\nusers to send arbitrary signals to a parent process from an\nunprivileged child process by launching an additional child process\nwith the CLONE_PARENT flag, and then letting this new process exit.\n\nCVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in\nthe Linux kernel permits SKFP_CLR_STATS requests only when the\nCAP_NET_ADMIN capability is absent, instead of when this capability is\npresent, which allows local users to reset the driver statistics,\nrelated to an 'inverted logic' issue.\n\nCVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the\nLinux kernel does not initialize a certain structure member, which\nallows local users to obtain potentially sensitive information from\nkernel memory via an SO_BSDCOMPAT getsockopt request.\n\nCVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows\nlocal users to cause a denial of service (system crash) via a read\nsystem call that specifies zero bytes from the (1) image_type or (2)\npacket_size file in /sys/devices/platform/dell_rbu/.\n\nCVE-2009-0269: fs/ecryptfs/inode.c in the eCryptfs subsystem in the\nLinux kernel allows local users to cause a denial of service (fault or\nmemory corruption), or possibly have unspecified other impact, via a\nreadlink call that results in an error, leading to use of a -1 return\nvalue as an array index.\n\nCVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the\nStream Control Transmission Protocol (sctp) implementation in the\nLinux kernel allows remote attackers to have an unknown impact via an\nFWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.\n\nSome other non-security bugs were fixed, please see the RPM changelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=399966\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=407523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=429484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=462365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=463522\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465963\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=470942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=470943\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=472896\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=478002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=478003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=482720\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483820\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497551\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503353\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(16, 20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acerhk-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:acx-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:appleir-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:at76_usb-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:atl2-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aufs-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dazuko-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:drbd-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gspcav-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ivtv-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kqemu-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nouveau-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:omnibook-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcc-acpi-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tpctl-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:uvcvideo-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vmware-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:wlan-ng-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acerhk-kmp-debug-0.5.35_2.6.25.20_0.4-98.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"acx-kmp-debug-20080210_2.6.25.20_0.4-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"appleir-kmp-debug-1.1_2.6.25.20_0.4-108.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"at76_usb-kmp-debug-0.17_2.6.25.20_0.4-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"atl2-kmp-debug-2.0.4_2.6.25.20_0.4-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"aufs-kmp-debug-cvs20080429_2.6.25.20_0.4-13.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"dazuko-kmp-debug-2.3.4.4_2.6.25.20_0.4-42.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"drbd-kmp-debug-8.2.6_2.6.25.20_0.4-0.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"gspcav-kmp-debug-01.00.20_2.6.25.20_0.4-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"iscsitarget-kmp-debug-0.4.15_2.6.25.20_0.4-63.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"ivtv-kmp-debug-1.0.3_2.6.25.20_0.4-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-debug-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-default-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-pae-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-source-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-syms-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-vanilla-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kernel-xen-2.6.25.20-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"kqemu-kmp-debug-1.3.0pre11_2.6.25.20_0.4-7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"nouveau-kmp-debug-0.10.1.20081112_2.6.25.20_0.4-0.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"omnibook-kmp-debug-20080313_2.6.25.20_0.4-1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pcc-acpi-kmp-debug-0.9_2.6.25.20_0.4-4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"pcfclock-kmp-debug-0.44_2.6.25.20_0.4-207.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"tpctl-kmp-debug-4.17_2.6.25.20_0.4-189.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"uvcvideo-kmp-debug-r200_2.6.25.20_0.4-2.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"virtualbox-ose-kmp-debug-1.5.6_2.6.25.20_0.4-33.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"vmware-kmp-debug-2008.04.14_2.6.25.20_0.4-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"wlan-ng-kmp-debug-0.2.8_2.6.25.20_0.4-107.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"acerhk-kmp-debug / acx-kmp-debug / appleir-kmp-debug / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:56:21", "description": "From Red Hat Security Advisory 2009:0459 :\n\nUpdated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r) architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-0459)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenU", "p-cpe:/a:oracle:linux:kernel-xenU-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0459.NASL", "href": "https://www.tenable.com/plugins/nessus/67853", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0459 and \n# Oracle Linux Security Advisory ELSA-2009-0459 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67853);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n script_bugtraq_id(33846, 33951);\n script_xref(name:\"RHSA\", value:\"2009:0459\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-0459)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0459 :\n\nUpdated kernel packages that fix several security issues and various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals\nimplementation. The clone() system call permits the caller to indicate\nthe signal it wants to receive when its child exits. When clone() is\ncalled with the CLONE_PARENT flag, it permits the caller to clone a\nnew child that shares the same parent as itself, enabling the\nindicated signal to be sent to the caller's parent (instead of the\ncaller), even if the caller's parent has different real and effective\nuser IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to\nuser-space when the getsockopt() function is called with SO_BSDCOMPAT\noptname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7\nguests if their guest configuration file specified 'vif = [\n'type=ioemu' ]'. This crash only occurred when starting guests via the\n'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise\nLinux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs\nduring installation and 'NMI received for unknown reason [xx]' errors\nmay have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a\nnetwork interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r)\narchitecture, possibly triggered by tracing a threaded process with\nstrace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI\nLogic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read\ncommands sent to tape devices may have received incorrect data. This\nissue may have led to data corruption. This update includes a fix for\nall types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO\nsubsystem between the read_events() and aio_complete() functions. This\nmay have caused a thread in read_events() to sleep indefinitely,\npossibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code,\nmodifications to some pages (for files on an NFS mounted file system)\nmade through a region of memory mapped by mmap() may be lost if the\nNFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a\nsystem crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an\nillegal __GFP_FS allocation inside some transactions. This may have\nresulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status\nregisters, preventing the BIOS from using them to determine the cause\nof certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580\nG5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The\nsystem must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/000993.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0459\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:59:20", "description": "Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r) architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-05-01T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:0459)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0459.NASL", "href": "https://www.tenable.com/plugins/nessus/38661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0459. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38661);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n script_bugtraq_id(33846, 33951);\n script_xref(name:\"RHSA\", value:\"2009:0459\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:0459)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals\nimplementation. The clone() system call permits the caller to indicate\nthe signal it wants to receive when its child exits. When clone() is\ncalled with the CLONE_PARENT flag, it permits the caller to clone a\nnew child that shares the same parent as itself, enabling the\nindicated signal to be sent to the caller's parent (instead of the\ncaller), even if the caller's parent has different real and effective\nuser IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to\nuser-space when the getsockopt() function is called with SO_BSDCOMPAT\noptname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7\nguests if their guest configuration file specified 'vif = [\n'type=ioemu' ]'. This crash only occurred when starting guests via the\n'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise\nLinux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs\nduring installation and 'NMI received for unknown reason [xx]' errors\nmay have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a\nnetwork interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r)\narchitecture, possibly triggered by tracing a threaded process with\nstrace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI\nLogic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read\ncommands sent to tape devices may have received incorrect data. This\nissue may have led to data corruption. This update includes a fix for\nall types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO\nsubsystem between the read_events() and aio_complete() functions. This\nmay have caused a thread in read_events() to sleep indefinitely,\npossibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code,\nmodifications to some pages (for files on an NFS mounted file system)\nmade through a region of memory mapped by mmap() may be lost if the\nNFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a\nsystem crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an\nillegal __GFP_FS allocation inside some transactions. This may have\nresulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status\nregisters, preventing the BIOS from using them to determine the cause\nof certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580\nG5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The\nsystem must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0459\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0459\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0459\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:01:54", "description": "Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r) architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-05-26T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:0459)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenU", "p-cpe:/a:centos:centos:kernel-xenU-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-0459.NASL", "href": "https://www.tenable.com/plugins/nessus/38902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0459 and \n# CentOS Errata and Security Advisory 2009:0459 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38902);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n script_bugtraq_id(33846, 33951);\n script_xref(name:\"RHSA\", value:\"2009:0459\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:0459)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and various\nbugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* Chris Evans reported a deficiency in the Linux kernel signals\nimplementation. The clone() system call permits the caller to indicate\nthe signal it wants to receive when its child exits. When clone() is\ncalled with the CLONE_PARENT flag, it permits the caller to clone a\nnew child that shares the same parent as itself, enabling the\nindicated signal to be sent to the caller's parent (instead of the\ncaller), even if the caller's parent has different real and effective\nuser IDs. This could lead to a denial of service of the parent.\n(CVE-2009-0028, Moderate)\n\n* the sock_getsockopt() function in the Linux kernel did not properly\ninitialize a data structure that can be directly returned to\nuser-space when the getsockopt() function is called with SO_BSDCOMPAT\noptname set. This flaw could possibly lead to memory disclosure.\n(CVE-2009-0676, Moderate)\n\nBug fixes :\n\n* a kernel crash may have occurred for Red Hat Enterprise Linux 4.7\nguests if their guest configuration file specified 'vif = [\n'type=ioemu' ]'. This crash only occurred when starting guests via the\n'xm create' command. (BZ#477146)\n\n* a bug in IO-APIC NMI watchdog may have prevented Red Hat Enterprise\nLinux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs\nduring installation and 'NMI received for unknown reason [xx]' errors\nmay have occurred. (BZ#479184)\n\n* a kernel deadlock on some systems when using netdump through a\nnetwork interface that uses the igb driver. (BZ#480579)\n\n* a possible kernel hang in sys_ptrace() on the Itanium(r)\narchitecture, possibly triggered by tracing a threaded process with\nstrace. (BZ#484904)\n\n* the RHSA-2008:0665 errata only fixed the known problem with the LSI\nLogic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read\ncommands sent to tape devices may have received incorrect data. This\nissue may have led to data corruption. This update includes a fix for\nall types of devices. (BZ#487399)\n\n* a missing memory barrier caused a race condition in the AIO\nsubsystem between the read_events() and aio_complete() functions. This\nmay have caused a thread in read_events() to sleep indefinitely,\npossibly causing an application hang. (BZ#489935)\n\n* due to a lack of synchronization in the NFS client code,\nmodifications to some pages (for files on an NFS mounted file system)\nmade through a region of memory mapped by mmap() may be lost if the\nNFS client invalidates its page cache for particular files.\n(BZ#490119)\n\n* a NULL pointer dereference in the megaraid_mbox driver caused a\nsystem crash on some systems. (BZ#493420)\n\n* the ext3_symlink() function in the ext3 file system code used an\nillegal __GFP_FS allocation inside some transactions. This may have\nresulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n* do_machine_check() cleared all Machine Check Exception (MCE) status\nregisters, preventing the BIOS from using them to determine the cause\nof certain panics and errors. (BZ#494915)\n\n* a bug prevented NMI watchdog from initializing on HP ProLiant DL580\nG5 systems. (BZ#497330)\n\nThis update contains backported patches to fix these issues. The\nsystem must be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015838.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?065c1c0d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015839.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6b07d768\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:28:06", "description": "Security fixes :\n\n - a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - Chris Evans reported a deficiency in the Linux kernel signals implementation. The clone() system call permits the caller to indicate the signal it wants to receive when its child exits. When clone() is called with the CLONE_PARENT flag, it permits the caller to clone a new child that shares the same parent as itself, enabling the indicated signal to be sent to the caller's parent (instead of the caller), even if the caller's parent has different real and effective user IDs. This could lead to a denial of service of the parent. (CVE-2009-0028, Moderate)\n\n - the sock_getsockopt() function in the Linux kernel did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure.\n (CVE-2009-0676, Moderate)\n\nBug fixes :\n\n - a kernel crash may have occurred for Scientific Linux 4.7 guests if their guest configuration file specified 'vif = [ 'type=ioemu' ]'. This crash only occurred when starting guests via the 'xm create' command. (BZ#477146)\n\n - a bug in IO-APIC NMI watchdog may have prevented Scientific Linux 4.7 from being installed on HP ProLiant DL580 G5 systems. Hangs during installation and 'NMI received for unknown reason [xx]' errors may have occurred. (BZ#479184)\n\n - a kernel deadlock on some systems when using netdump through a network interface that uses the igb driver.\n (BZ#480579)\n\n - a possible kernel hang in sys_ptrace() on the Itanium® architecture, possibly triggered by tracing a threaded process with strace. (BZ#484904)\n\n - the RHSA-2008:0665 errata only fixed the known problem with the LSI Logic LSI53C1030 Ultra320 SCSI controller, for tape devices. Read commands sent to tape devices may have received incorrect data. This issue may have led to data corruption. This update includes a fix for all types of devices. (BZ#487399)\n\n - a missing memory barrier caused a race condition in the AIO subsystem between the read_events() and aio_complete() functions. This may have caused a thread in read_events() to sleep indefinitely, possibly causing an application hang. (BZ#489935)\n\n - due to a lack of synchronization in the NFS client code, modifications to some pages (for files on an NFS mounted file system) made through a region of memory mapped by mmap() may be lost if the NFS client invalidates its page cache for particular files. (BZ#490119)\n\n - a NULL pointer dereference in the megaraid_mbox driver caused a system crash on some systems. (BZ#493420)\n\n - the ext3_symlink() function in the ext3 file system code used an illegal __GFP_FS allocation inside some transactions. This may have resulted in a kernel panic and 'Assertion failure' errors. (BZ#493422)\n\n - do_machine_check() cleared all Machine Check Exception (MCE) status registers, preventing the BIOS from using them to determine the cause of certain panics and errors. (BZ#494915)\n\n - a bug prevented NMI watchdog from initializing on HP ProLiant DL580 G5 systems. (BZ#497330)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0028", "CVE-2009-0676", "CVE-2009-0834"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090430_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60577", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60577);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0028\", \"CVE-2009-0676\", \"CVE-2009-0834\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fixes :\n\n - a logic error was found in the do_setlk() function of\n the Linux kernel Network File System (NFS)\n implementation. If a signal interrupted a lock request,\n the local POSIX lock was incorrectly created. This could\n cause a denial of service on the NFS server if a file\n descriptor was closed before its corresponding lock\n request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call\n auditing implementation on 64-bit systems. This could\n allow a local, unprivileged user to circumvent a system\n call audit configuration, if that configuration filtered\n based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - Chris Evans reported a deficiency in the Linux kernel\n signals implementation. The clone() system call permits\n the caller to indicate the signal it wants to receive\n when its child exits. When clone() is called with the\n CLONE_PARENT flag, it permits the caller to clone a new\n child that shares the same parent as itself, enabling\n the indicated signal to be sent to the caller's parent\n (instead of the caller), even if the caller's parent has\n different real and effective user IDs. This could lead\n to a denial of service of the parent. (CVE-2009-0028,\n Moderate)\n\n - the sock_getsockopt() function in the Linux kernel did\n not properly initialize a data structure that can be\n directly returned to user-space when the getsockopt()\n function is called with SO_BSDCOMPAT optname set. This\n flaw could possibly lead to memory disclosure.\n (CVE-2009-0676, Moderate)\n\nBug fixes :\n\n - a kernel crash may have occurred for Scientific Linux\n 4.7 guests if their guest configuration file specified\n 'vif = [ 'type=ioemu' ]'. This crash only occurred when\n starting guests via the 'xm create' command. (BZ#477146)\n\n - a bug in IO-APIC NMI watchdog may have prevented\n Scientific Linux 4.7 from being installed on HP ProLiant\n DL580 G5 systems. Hangs during installation and 'NMI\n received for unknown reason [xx]' errors may have\n occurred. (BZ#479184)\n\n - a kernel deadlock on some systems when using netdump\n through a network interface that uses the igb driver.\n (BZ#480579)\n\n - a possible kernel hang in sys_ptrace() on the\n Itanium® architecture, possibly triggered by tracing\n a threaded process with strace. (BZ#484904)\n\n - the RHSA-2008:0665 errata only fixed the known problem\n with the LSI Logic LSI53C1030 Ultra320 SCSI controller,\n for tape devices. Read commands sent to tape devices may\n have received incorrect data. This issue may have led to\n data corruption. This update includes a fix for all\n types of devices. (BZ#487399)\n\n - a missing memory barrier caused a race condition in the\n AIO subsystem between the read_events() and\n aio_complete() functions. This may have caused a thread\n in read_events() to sleep indefinitely, possibly causing\n an application hang. (BZ#489935)\n\n - due to a lack of synchronization in the NFS client code,\n modifications to some pages (for files on an NFS mounted\n file system) made through a region of memory mapped by\n mmap() may be lost if the NFS client invalidates its\n page cache for particular files. (BZ#490119)\n\n - a NULL pointer dereference in the megaraid_mbox driver\n caused a system crash on some systems. (BZ#493420)\n\n - the ext3_symlink() function in the ext3 file system code\n used an illegal __GFP_FS allocation inside some\n transactions. This may have resulted in a kernel panic\n and 'Assertion failure' errors. (BZ#493422)\n\n - do_machine_check() cleared all Machine Check Exception\n (MCE) status registers, preventing the BIOS from using\n them to determine the cause of certain panics and\n errors. (BZ#494915)\n\n - a bug prevented NMI watchdog from initializing on HP\n ProLiant DL580 G5 systems. (BZ#497330)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=477146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=480579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=484904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=487399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=489935\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=490119\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=494915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=497330\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0905&L=scientific-linux-errata&T=0&P=319\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93c098ce\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_cwe_id(264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-78.0.22.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-78.0.22.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:10:36", "description": "The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was updated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6237)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6237.NASL", "href": "https://www.tenable.com/plugins/nessus/41539", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41539);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n\n script_name(english:\"SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6237)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was\nupdated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The\naudit_syscall_entry function in the Linux kernel on the x86_64\nplatform did not properly handle (1) a 32-bit process making a 64-bit\nsyscall or (2) a 64-bit process making a 32-bit syscall, which allows\nlocal users to bypass certain syscall audit configurations via crafted\nsyscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD\n capability before handling a user request in a thread,\n which allows local users to create device nodes, as\n demonstrated on a filesystem that has been exported with\n the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in\n the seccomp subsystem in the Linux kernel on the x86_64\n platform, when CONFIG_SECCOMP is enabled, does not\n properly handle (1) a 32-bit process making a 64-bit\n syscall or (2) a 64-bit process making a 32-bit syscall,\n which allows local users to bypass intended access\n restrictions via crafted syscalls that are\n misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the\n Linux kernel 2.6.29 and earlier allows remote attackers\n to cause a denial of service (crash) or potential code\n execution via a long nativeFileSystem field in a Tree\n Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux\n kernel did not restrict exit signals when the CAP_KILL\n capability is held, which allows local users to send an\n arbitrary signal to a process by running a program that\n modifies the exit_signal field and then uses an exec\n system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm\n subsystem in the Linux kernel, when CONFIG_SHMEM is\n disabled, misinterprets the data type of an inode, which\n allows local users to cause a denial of service (system\n hang) via an SHM_INFO shmctl call, as demonstrated by\n running the ipcs program. (SUSE is enabling\n CONFIG_SHMEM, so is by default not affected, the fix is\n just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\n the Linux kernel might allow attackers to obtain\n sensitive information via a large length value, which\n causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0834.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0835.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0859.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1072.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1439.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6237.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(16, 20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.39.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:24:08", "description": "The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was updated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program. (SUSE is enabling CONFIG_SHMEM, so is by default not affected, the fix is just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM changelog.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6236)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1072", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6236.NASL", "href": "https://www.tenable.com/plugins/nessus/59137", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59137);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1439\");\n\n script_name(english:\"SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6236)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel on SUSE Linux Enterprise 10 Service Pack 2 was\nupdated to fix various security issues and several bugs.\n\nThe following security issues were fixed: CVE-2009-0834: The\naudit_syscall_entry function in the Linux kernel on the x86_64\nplatform did not properly handle (1) a 32-bit process making a 64-bit\nsyscall or (2) a 64-bit process making a 32-bit syscall, which allows\nlocal users to bypass certain syscall audit configurations via crafted\nsyscalls.\n\n - nfsd in the Linux kernel did not drop the CAP_MKNOD\n capability before handling a user request in a thread,\n which allows local users to create device nodes, as\n demonstrated on a filesystem that has been exported with\n the root_squash option. (CVE-2009-1072)\n\n - The __secure_computing function in kernel/seccomp.c in\n the seccomp subsystem in the Linux kernel on the x86_64\n platform, when CONFIG_SECCOMP is enabled, does not\n properly handle (1) a 32-bit process making a 64-bit\n syscall or (2) a 64-bit process making a 32-bit syscall,\n which allows local users to bypass intended access\n restrictions via crafted syscalls that are\n misinterpreted as (a) stat or (b) chmod. (CVE-2009-0835)\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the\n Linux kernel 2.6.29 and earlier allows remote attackers\n to cause a denial of service (crash) or potential code\n execution via a long nativeFileSystem field in a Tree\n Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux\n kernel did not restrict exit signals when the CAP_KILL\n capability is held, which allows local users to send an\n arbitrary signal to a process by running a program that\n modifies the exit_signal field and then uses an exec\n system call to launch a setuid application.\n (CVE-2009-1337)\n\n - The shm_get_stat function in ipc/shm.c in the shm\n subsystem in the Linux kernel, when CONFIG_SHMEM is\n disabled, misinterprets the data type of an inode, which\n allows local users to cause a denial of service (system\n hang) via an SHM_INFO shmctl call, as demonstrated by\n running the ipcs program. (SUSE is enabling\n CONFIG_SHMEM, so is by default not affected, the fix is\n just for completeness). (CVE-2009-0859)\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\n the Linux kernel might allow attackers to obtain\n sensitive information via a large length value, which\n causes 'garbage' memory to be sent. (CVE-2009-1265)\n\nAlso a number of bugs were fixed, for details please see the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0834.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0835.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0859.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1072.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1439.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6236.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(16, 20, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.39.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.39.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:59:32", "description": "Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r) microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2009:0473)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-PAE", "p-cpe:/a:centos:centos:kernel-PAE-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2009-0473.NASL", "href": "https://www.tenable.com/plugins/nessus/43746", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0473 and \n# CentOS Errata and Security Advisory 2009:0473 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43746);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33951, 34405);\n script_xref(name:\"RHSA\", value:\"2009:0473\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2009:0473)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents()\nfunction of the Linux kernel eCryptfs implementation. On systems with\na 4096 byte page-size, this flaw may have caused 4096 bytes of\nuninitialized kernel memory to be written into the eCryptfs file\nheaders, leading to an information leak. Note: Encrypted files created\non systems running the vulnerable version of eCryptfs may contain\nleaked data in the eCryptfs file headers. This update does not remove\nany leaked data. Refer to the Knowledgebase article in the References\nsection for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under\nvirtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could\nnot be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail\novers. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote\n'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and\npackets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the\nWacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which\nused it, such as sleep and usleep, to sleep for one second more than\nexpected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on\n64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r)\nmicroarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines\nafter a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in\nfrequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set\nto less than the actual number of CPUs in the system, and the cpuspeed\nservice was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network\neventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop\n(under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015844.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e5071f8\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015845.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3b13f808\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T15:01:34", "description": "Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r) microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-05-08T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2009:0473)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-0473.NASL", "href": "https://www.tenable.com/plugins/nessus/38709", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0473. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38709);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33951, 34405);\n script_xref(name:\"RHSA\", value:\"2009:0473\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2009:0473)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix several security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents()\nfunction of the Linux kernel eCryptfs implementation. On systems with\na 4096 byte page-size, this flaw may have caused 4096 bytes of\nuninitialized kernel memory to be written into the eCryptfs file\nheaders, leading to an information leak. Note: Encrypted files created\non systems running the vulnerable version of eCryptfs may contain\nleaked data in the eCryptfs file headers. This update does not remove\nany leaked data. Refer to the Knowledgebase article in the References\nsection for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under\nvirtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could\nnot be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail\novers. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote\n'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and\npackets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the\nWacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which\nused it, such as sleep and usleep, to sleep for one second more than\nexpected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on\n64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r)\nmicroarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines\nafter a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in\nfrequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set\nto less than the actual number of CPUs in the system, and the cpuspeed\nservice was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network\neventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop\n(under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0787\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1337\"\n );\n # http://kbase.redhat.com/faq/docs/DOC-16748\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/16734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0473\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0473\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0473\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T14:26:59", "description": "This update fixes the following security issues :\n\n - a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n - the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n - the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n - network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions. (BZ#487035)\n\n - bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n - when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n - NFS clients may have experienced deadlocks during unmount. (BZ#488929)\n\n - the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n - the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet.\n (BZ#489460)\n\n - on the Itanium® architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n - a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n - the NONSTOP_TSC feature did not perform correctly on the Intel® microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n - keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n - using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n - if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n - using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash. (BZ#496044)\n\n - it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang.\n (BZ#496842)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090507_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60581);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the following security issues :\n\n - a logic error was found in the do_setlk() function of\n the Linux kernel Network File System (NFS)\n implementation. If a signal interrupted a lock request,\n the local POSIX lock was incorrectly created. This could\n cause a denial of service on the NFS server if a file\n descriptor was closed before its corresponding lock\n request returned. (CVE-2008-4307, Important)\n\n - a deficiency was found in the Linux kernel system call\n auditing implementation on 64-bit systems. This could\n allow a local, unprivileged user to circumvent a system\n call audit configuration, if that configuration filtered\n based on the 'syscall' number or arguments.\n (CVE-2009-0834, Important)\n\n - the exit_notify() function in the Linux kernel did not\n properly reset the exit signal if a process executed a\n set user ID (setuid) application before exiting. This\n could allow a local, unprivileged user to elevate their\n privileges. (CVE-2009-1337, Important)\n\n - a flaw was found in the\n ecryptfs_write_metadata_to_contents() function of the\n Linux kernel eCryptfs implementation. On systems with a\n 4096 byte page-size, this flaw may have caused 4096\n bytes of uninitialized kernel memory to be written into\n the eCryptfs file headers, leading to an information\n leak. Note: Encrypted files created on systems running\n the vulnerable version of eCryptfs may contain leaked\n data in the eCryptfs file headers. This update does not\n remove any leaked data. Refer to the Knowledgebase\n article in the References section for further\n information. (CVE-2009-0787, Moderate)\n\n - the Linux kernel implementation of the Network File\n System (NFS) did not properly initialize the file name\n limit in the nfs_server data structure. This flaw could\n possibly lead to a denial of service on a client\n mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n - the enic driver (Cisco 10G Ethernet) did not operate\n under virtualization. (BZ#472474)\n\n - network interfaces using the IBM eHEA Ethernet device\n driver could not be successfully configured under\n low-memory conditions. (BZ#487035)\n\n - bonding with the 'arp_validate=3' option may have\n prevented fail overs. (BZ#488064)\n\n - when running under virtualization, the acpi-cpufreq\n module wrote 'Domain attempted WRMSR' errors to the\n dmesg log. (BZ#488928)\n\n - NFS clients may have experienced deadlocks during\n unmount. (BZ#488929)\n\n - the ixgbe driver double counted the number of received\n bytes and packets. (BZ#489459)\n\n - the Wacom Intuos3 Lens Cursor device did not work\n correctly with the Wacom Intuos3 12x12 tablet.\n (BZ#489460)\n\n - on the Itanium® architecture, nanosleep() caused\n commands which used it, such as sleep and usleep, to\n sleep for one second more than expected. (BZ#490434)\n\n - a panic and corruption of slab cache data structures\n occurred on 64-bit PowerPC systems when clvmd was\n running. (BZ#491677)\n\n - the NONSTOP_TSC feature did not perform correctly on the\n Intel® microarchitecture (Nehalem) when running in\n 32-bit mode. (BZ#493356)\n\n - keyboards may not have functioned on IBM eServer System\n p machines after a certain point during installation or\n afterward. (BZ#494293)\n\n - using Device Mapper Multipathing with the qla2xxx driver\n resulted in frequent path failures. (BZ#495635)\n\n - if the hypervisor was booted with the dom0_max_vcpus\n parameter set to less than the actual number of CPUs in\n the system, and the cpuspeed service was started, the\n hypervisor could crash. (BZ#495931)\n\n - using Openswan to provide an IPsec virtual private\n network eventually resulted in a CPU soft lockup and a\n system crash. (BZ#496044)\n\n - it was possible for posix_locks_deadlock() to enter an\n infinite loop (under the BKL), causing a system hang.\n (BZ#496842)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=472474\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=487035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=488064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=488928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=488929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=489459\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=489460\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=490434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=491677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=493356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=494293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=495635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=495931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=496044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=496842\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0905&L=scientific-linux-errata&T=0&P=541\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0640b726\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-128.1.10.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-128.1.10.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T14:49:59", "description": "From Red Hat Security Advisory 2009:0473 :\n\nUpdated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux kernel Network File System (NFS) implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration, if that configuration filtered based on the 'syscall' number or arguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents() function of the Linux kernel eCryptfs implementation. On systems with a 4096 byte page-size, this flaw may have caused 4096 bytes of uninitialized kernel memory to be written into the eCryptfs file headers, leading to an information leak. Note: Encrypted files created on systems running the vulnerable version of eCryptfs may contain leaked data in the eCryptfs file headers. This update does not remove any leaked data. Refer to the Knowledgebase article in the References section for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under virtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could not be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail overs. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote 'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and packets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the Wacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which used it, such as sleep and usleep, to sleep for one second more than expected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on 64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r) microarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines after a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in frequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set to less than the actual number of CPUs in the system, and the cpuspeed service was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network eventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop (under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2009-0473)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0787", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-PAE", "p-cpe:/a:oracle:linux:kernel-PAE-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0473.NASL", "href": "https://www.tenable.com/plugins/nessus/67854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0473 and \n# Oracle Linux Security Advisory ELSA-2009-0473 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67854);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33951, 34405);\n script_xref(name:\"RHSA\", value:\"2009:0473\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2009-0473)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0473 :\n\nUpdated kernel packages that fix several security issues and several\nbugs are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* a logic error was found in the do_setlk() function of the Linux\nkernel Network File System (NFS) implementation. If a signal\ninterrupted a lock request, the local POSIX lock was incorrectly\ncreated. This could cause a denial of service on the NFS server if a\nfile descriptor was closed before its corresponding lock request\nreturned. (CVE-2008-4307, Important)\n\n* a deficiency was found in the Linux kernel system call auditing\nimplementation on 64-bit systems. This could allow a local,\nunprivileged user to circumvent a system call audit configuration, if\nthat configuration filtered based on the 'syscall' number or\narguments. (CVE-2009-0834, Important)\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* a flaw was found in the ecryptfs_write_metadata_to_contents()\nfunction of the Linux kernel eCryptfs implementation. On systems with\na 4096 byte page-size, this flaw may have caused 4096 bytes of\nuninitialized kernel memory to be written into the eCryptfs file\nheaders, leading to an information leak. Note: Encrypted files created\non systems running the vulnerable version of eCryptfs may contain\nleaked data in the eCryptfs file headers. This update does not remove\nany leaked data. Refer to the Knowledgebase article in the References\nsection for further information. (CVE-2009-0787, Moderate)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nThis update also fixes the following bugs :\n\n* the enic driver (Cisco 10G Ethernet) did not operate under\nvirtualization. (BZ#472474)\n\n* network interfaces using the IBM eHEA Ethernet device driver could\nnot be successfully configured under low-memory conditions.\n(BZ#487035)\n\n* bonding with the 'arp_validate=3' option may have prevented fail\novers. (BZ#488064)\n\n* when running under virtualization, the acpi-cpufreq module wrote\n'Domain attempted WRMSR' errors to the dmesg log. (BZ#488928)\n\n* NFS clients may have experienced deadlocks during unmount.\n(BZ#488929)\n\n* the ixgbe driver double counted the number of received bytes and\npackets. (BZ#489459)\n\n* the Wacom Intuos3 Lens Cursor device did not work correctly with the\nWacom Intuos3 12x12 tablet. (BZ#489460)\n\n* on the Itanium(r) architecture, nanosleep() caused commands which\nused it, such as sleep and usleep, to sleep for one second more than\nexpected. (BZ#490434)\n\n* a panic and corruption of slab cache data structures occurred on\n64-bit PowerPC systems when clvmd was running. (BZ#491677)\n\n* the NONSTOP_TSC feature did not perform correctly on the Intel(r)\nmicroarchitecture (Nehalem) when running in 32-bit mode. (BZ#493356)\n\n* keyboards may not have functioned on IBM eServer System p machines\nafter a certain point during installation or afterward. (BZ#494293)\n\n* using Device Mapper Multipathing with the qla2xxx driver resulted in\nfrequent path failures. (BZ#495635)\n\n* if the hypervisor was booted with the dom0_max_vcpus parameter set\nto less than the actual number of CPUs in the system, and the cpuspeed\nservice was started, the hypervisor could crash. (BZ#495931)\n\n* using Openswan to provide an IPsec virtual private network\neventually resulted in a CPU soft lockup and a system crash.\n(BZ#496044)\n\n* it was possible for posix_locks_deadlock() to enter an infinite loop\n(under the BKL), causing a system hang. (BZ#496842)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/001000.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2009-0787\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0473\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-128.1.10.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-128.1.10.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2023-01-11T15:01:13", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a sensitive memory leak. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0835 Roland McGrath discovered an issue on amd64 kernels with CONFIG_SECCOMP enabled. By making a specially crafted syscall, local users can bypass access restrictions.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046 Mikulas Patocka reported an issue in the console subsystem that allows a local user to cause memory corruption by selecting a small number of 3-byte UTF-8 characters.\n\n - CVE-2009-1072 Igor Zhbanov reported that nfsd was not properly dropping CAP_MKNOD, allowing users to create device nodes on file systems exported with root_squash.\n\n - CVE-2009-1184 Dan Carpenter reported a coding issue in the selinux subsystem that allows local users to bypass certain networking checks when running with compat_net=1.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem they may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1242 Benjamin Gilbert reported a local denial of service vulnerability in the KVM VMX implementation that allows local users to trigger an oops.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1338 Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-18T00:00:00", "type": "nessus", "title": "Debian DSA-1800-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0028", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1072", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1800.NASL", "href": "https://www.tenable.com/plugins/nessus/38795", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1800. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38795);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_bugtraq_id(33672, 33948, 33951, 34020, 34205, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1800\");\n\n script_name(english:\"Debian DSA-1800-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a sensitive\nmemory leak. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0835\n Roland McGrath discovered an issue on amd64 kernels with\n CONFIG_SECCOMP enabled. By making a specially crafted\n syscall, local users can bypass access restrictions.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046\n Mikulas Patocka reported an issue in the console\n subsystem that allows a local user to cause memory\n corruption by selecting a small number of 3-byte UTF-8\n characters.\n\n - CVE-2009-1072\n Igor Zhbanov reported that nfsd was not properly\n dropping CAP_MKNOD, allowing users to create device\n nodes on file systems exported with root_squash.\n\n - CVE-2009-1184\n Dan Carpenter reported a coding issue in the selinux\n subsystem that allows local users to bypass certain\n networking checks when running with compat_net=1.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem they\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1242\n Benjamin Gilbert reported a local denial of service\n vulnerability in the KVM VMX implementation that allows\n local users to trigger an oops.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1338\n Daniel Hokka Zakrisson discovered that a kill(-1) is\n permitted to reach processes outside of the current\n process namespace.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1800\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6 and user-mode-linux packages.\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in future updates to linux-2.6 and\nlinux-2.6.24.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-15lenny2.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"linux-doc-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-486\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-4kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-5kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-alpha\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-arm\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-armel\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-hppa\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-i386\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-ia64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-mips\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-mipsel\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-sparc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-generic\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-legacy\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-openvz\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-vserver\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-xen\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-footbridge\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-iop32x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-ixp4xx\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-orion5x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r4k-ip22\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r5k-ip32\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-versatile\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-486\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-4kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-5kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-legacy\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-footbridge\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-iop32x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-ixp4xx\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-orion5x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r4k-ip22\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r5k-ip32\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390-tape\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-versatile\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-libc-dev\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-manual-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-patch-debian-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-source-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-support-2.6.26-2\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-tree-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"user-mode-linux\", reference:\"2.6.26-1um-2+15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:11:21", "description": "The Linux kernel on SUSE Linux Enterprise 11 was updated to 2.6.27.23 and received lots of bugs and security fixes.\n\nThe following security issues have been fixed :\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n (CVE-2009-1337)\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent. (CVE-2009-1265)\n\n - The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform. (CVE-2009-1242)\n\n - The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets. (CVE-2009-1360)\n\n - drivers/char/agp/generic.c in the agp subsystem in the Linux kernel does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM changelog.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 927 / 929 / 930)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1360", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-vmi", "p-cpe:/a:novell:suse_linux:11:kernel-vmi-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-090527.NASL", "href": "https://www.tenable.com/plugins/nessus/41411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41411);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1360\", \"CVE-2009-1439\");\n\n script_name(english:\"SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 927 / 929 / 930)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel on SUSE Linux Enterprise 11 was updated to 2.6.27.23\nand received lots of bugs and security fixes.\n\nThe following security issues have been fixed :\n\n - Buffer overflow in fs/cifs/connect.c in CIFS in the\n Linux kernel 2.6.29 and earlier allows remote attackers\n to cause a denial of service (crash) or potential code\n execution via a long nativeFileSystem field in a Tree\n Connect response to an SMB mount request.\n (CVE-2009-1439)\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\n - The exit_notify function in kernel/exit.c in the Linux\n kernel did not restrict exit signals when the CAP_KILL\n capability is held, which allows local users to send an\n arbitrary signal to a process by running a program that\n modifies the exit_signal field and then uses an exec\n system call to launch a setuid application.\n (CVE-2009-1337)\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\n - Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\n the Linux kernel might allow attackers to obtain\n sensitive information via a large length value, which\n causes 'garbage' memory to be sent. (CVE-2009-1265)\n\n - The vmx_set_msr function in arch/x86/kvm/vmx.c in the\n VMX implementation in the KVM subsystem in the Linux\n kernel on the i386 platform allows guest OS users to\n cause a denial of service (OOPS) by setting the EFER_LME\n (aka 'Long mode enable') bit in the Extended Feature\n Enable Register (EFER) model-specific register, which is\n specific to the x86_64 platform. (CVE-2009-1242)\n\n - The __inet6_check_established function in\n net/ipv6/inet6_hashtables.c in the Linux kernel, when\n Network Namespace Support (aka NET_NS) is enabled,\n allows remote attackers to cause a denial of service\n (NULL pointer dereference and system crash) via vectors\n involving IPv6 packets. (CVE-2009-1360)\n\n - drivers/char/agp/generic.c in the agp subsystem in the\n Linux kernel does not zero out pages that may later be\n available to a user-space process, which allows local\n users to obtain sensitive information by reading these\n pages. (CVE-2009-1192)\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=460284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=464360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=467518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=474062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=484931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=494463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=500508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1192.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1242.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1265.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1360.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1439.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 927 / 929 / 930 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-vmi-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-default-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-source-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-syms-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-default-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-source-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-syms-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-extra-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"ext4dev-kmp-default-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-default-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-source-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"kernel-syms-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-pae-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-vmi-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"ext4dev-kmp-xen-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-pae-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-vmi-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"i586\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"kernel-default-man-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"ext4dev-kmp-xen-0_2.6.27.23_0.1-7.1.7\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-2.6.27.23-0.1.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:05:58", "description": "This Linux kernel update for openSUSE 11.1 fixes lots of bugs and some security issues. The kernel was also updated to the 2.6.27.23 stable release.\n\nFollowing security issues have been fixed: CVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem from a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux kernel did not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nThe GCC option -fwrapv has been added to compilation to work around potentially removing integer overflow checks.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel might allow attackers to obtain sensitive information via a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.\n\nCVE-2009-1360: The __inet6_check_established function in net/ipv6/inet6_hashtables.c in the Linux kernel, when Network Namespace Support (aka NET_NS) is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via vectors involving IPv6 packets.\n\nCVE-2009-1192: drivers/char/agp/generic.c in the agp subsystem in the Linux kernel does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages.\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM changelog.", "cvss3": {}, "published": "2009-07-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (kernel-932)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1360", "CVE-2009-1439"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:aufs-kmp-debug", "p-cpe:/a:novell:opensuse:aufs-kmp-trace", "p-cpe:/a:novell:opensuse:brocade-bfa-kmp-debug", "p-cpe:/a:novell:opensuse:brocade-bfa-kmp-trace", "p-cpe:/a:novell:opensuse:dazuko-kmp-debug", "p-cpe:/a:novell:opensuse:dazuko-kmp-trace", "p-cpe:/a:novell:opensuse:drbd-kmp-debug", "p-cpe:/a:novell:opensuse:drbd-kmp-trace", "p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-debug", "p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-trace", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-trace", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-extra", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-extra", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-extra", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-extra", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-extra", "p-cpe:/a:novell:opensuse:kqemu-kmp-debug", "p-cpe:/a:novell:opensuse:kqemu-kmp-trace", "p-cpe:/a:novell:opensuse:kvm-kmp-trace", "p-cpe:/a:novell:opensuse:lirc-kmp-trace", "p-cpe:/a:novell:opensuse:ofed-kmp-debug", "p-cpe:/a:novell:opensuse:ofed-kmp-trace", "p-cpe:/a:novell:opensuse:oracleasm-kmp-debug", "p-cpe:/a:novell:opensuse:oracleasm-kmp-trace", "p-cpe:/a:novell:opensuse:pcfclock-kmp-debug", "p-cpe:/a:novell:opensuse:pcfclock-kmp-trace", "p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug", "p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-trace", "p-cpe:/a:novell:opensuse:vmware-kmp-debug", "p-cpe:/a:novell:opensuse:vmware-kmp-trace", "cpe:/o:novell:opensuse:11.1"], "id": "SUSE_11_1_KERNEL-090527.NASL", "href": "https://www.tenable.com/plugins/nessus/40250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-932.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40250);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1360\", \"CVE-2009-1439\");\n\n script_name(english:\"openSUSE Security Update : kernel (kernel-932)\");\n script_summary(english:\"Check for the kernel-932 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for openSUSE 11.1 fixes lots of bugs and some\nsecurity issues. The kernel was also updated to the 2.6.27.23 stable\nrelease.\n\nFollowing security issues have been fixed: CVE-2009-1439: Buffer\noverflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and\nearlier allows remote attackers to cause a denial of service (crash)\nor potential code execution via a long nativeFileSystem field in a\nTree Connect response to an SMB mount request.\n\nThis requires that kernel can be made to mount a 'cifs' filesystem\nfrom a malicious CIFS server.\n\nCVE-2009-1337: The exit_notify function in kernel/exit.c in the Linux\nkernel did not restrict exit signals when the CAP_KILL capability is\nheld, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n\nThe GCC option -fwrapv has been added to compilation to work around\npotentially removing integer overflow checks.\n\nCVE-2009-1265: Integer overflow in rose_sendmsg (sys/net/af_rose.c) in\nthe Linux kernel might allow attackers to obtain sensitive information\nvia a large length value, which causes 'garbage' memory to be sent.\n\nCVE-2009-1242: The vmx_set_msr function in arch/x86/kvm/vmx.c in the\nVMX implementation in the KVM subsystem in the Linux kernel on the\ni386 platform allows guest OS users to cause a denial of service\n(OOPS) by setting the EFER_LME (aka 'Long mode enable') bit in the\nExtended Feature Enable Register (EFER) model-specific register, which\nis specific to the x86_64 platform.\n\nCVE-2009-1360: The __inet6_check_established function in\nnet/ipv6/inet6_hashtables.c in the Linux kernel, when Network\nNamespace Support (aka NET_NS) is enabled, allows remote attackers to\ncause a denial of service (NULL pointer dereference and system crash)\nvia vectors involving IPv6 packets.\n\nCVE-2009-1192: drivers/char/agp/generic.c in the agp subsystem in the\nLinux kernel does not zero out pages that may later be available to a\nuser-space process, which allows local users to obtain sensitive\ninformation by reading these pages.\n\nAdditionaly a lot of bugs have been fixed and are listed in the RPM\nchangelog.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=408304\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=459065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=460284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=464360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=465854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=467518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=474062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=483706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=484931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=486803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487106\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487755\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=487987\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489005\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=489105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490368\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=490902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=491430\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492768\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=493991\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=494463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495515\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=495816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496502\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=496878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=497807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=498237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=499845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=500508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=501234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=502903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503161\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=505925\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aufs-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:aufs-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:brocade-bfa-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:brocade-bfa-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dazuko-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:dazuko-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:drbd-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:drbd-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:intel-iamt-heci-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kqemu-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kqemu-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kvm-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:lirc-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ofed-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ofed-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:oracleasm-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:oracleasm-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vmware-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vmware-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"aufs-kmp-debug-cvs20081020_2.6.27.23_0.1-1.32.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"aufs-kmp-trace-cvs20081020_2.6.27.23_0.1-1.32.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"brocade-bfa-kmp-debug-1.1.0.2_2.6.27.23_0.1-1.7.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"brocade-bfa-kmp-trace-1.1.0.2_2.6.27.23_0.1-1.7.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dazuko-kmp-debug-2.3.6_2.6.27.23_0.1-1.49.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"dazuko-kmp-trace-2.3.6_2.6.27.23_0.1-1.49.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"drbd-kmp-debug-8.2.7_2.6.27.23_0.1-1.19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"drbd-kmp-trace-8.2.7_2.6.27.23_0.1-1.19.6\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"intel-iamt-heci-kmp-debug-3.1.0.31_2.6.27.23_0.1-2.40.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"intel-iamt-heci-kmp-trace-3.1.0.31_2.6.27.23_0.1-2.40.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"iscsitarget-kmp-debug-0.4.15_2.6.27.23_0.1-89.11.12\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"iscsitarget-kmp-trace-0.4.15_2.6.27.23_0.1-89.11.12\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-debug-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-default-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-pae-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-source-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-syms-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-trace-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-vanilla-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-base-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kernel-xen-extra-2.6.27.23-0.1.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kqemu-kmp-debug-1.4.0pre1_2.6.27.23_0.1-2.1.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kqemu-kmp-trace-1.4.0pre1_2.6.27.23_0.1-2.1.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"kvm-kmp-trace-78_2.6.27.23_0.1-6.6.20\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"lirc-kmp-trace-0.8.4_2.6.27.23_0.1-0.1.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ofed-kmp-debug-1.4_2.6.27.23_0.1-21.15.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"ofed-kmp-trace-1.4_2.6.27.23_0.1-21.15.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"oracleasm-kmp-debug-2.0.5_2.6.27.23_0.1-2.36.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"oracleasm-kmp-trace-2.0.5_2.6.27.23_0.1-2.36.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"pcfclock-kmp-debug-0.44_2.6.27.23_0.1-227.56.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"pcfclock-kmp-trace-0.44_2.6.27.23_0.1-227.56.10\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"virtualbox-ose-kmp-debug-2.0.6_2.6.27.23_0.1-2.8.32\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"virtualbox-ose-kmp-trace-2.0.6_2.6.27.23_0.1-2.8.32\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"vmware-kmp-debug-2008.09.03_2.6.27.23_0.1-5.50.25\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"vmware-kmp-trace-2008.09.03_2.6.27.23_0.1-5.50.25\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"kvm-kmp-trace-78_2.6.27.23_0.1-6.6.21\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"virtualbox-ose-kmp-debug-2.0.6_2.6.27.23_0.1-2.8.33\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"virtualbox-ose-kmp-trace-2.0.6_2.6.27.23_0.1-2.8.33\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"aufs-kmp-debug / aufs-kmp-trace / brocade-bfa-kmp-debug / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:57:50", "description": "NFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected.\n(CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. Ubuntu 8.10 was not affected. (CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028)\n\nThe kernel keyring did not free memory correctly. A local attacker could consume unlimited kernel memory, leading to a denial of service.\n(CVE-2009-0031)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065)\n\nThe eCryptfs filesystem did not correctly handle certain VFS return codes. A local attacker with write-access to an eCryptfs filesystem could cause a system crash, leading to a denial of service.\n(CVE-2009-0269)\n\nThe Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322)\n\nThe page fault handler could consume stack memory. A local attacker could exploit this to crash the system or gain root privileges with a Kprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676)\n\nThe ext4 filesystem did not correctly clear group descriptors when resizing. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-0745)\n\nThe ext4 filesystem did not correctly validate certain fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747, CVE-2009-0748)\n\nThe syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859)\n\nThe virtual consoles did not correctly handle certain UTF-8 sequences.\nA local attacker on the physical console could exploit this to cause a system crash, leading to a denial of service. (CVE-2009-1046).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0605", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "cpe:/o:canonical:ubuntu_linux:7.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-751-1.NASL", "href": "https://www.tenable.com/plugins/nessus/37337", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-751-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37337);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0605\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0746\", \"CVE-2009-0747\", \"CVE-2009-0748\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\");\n script_bugtraq_id(33113, 33672, 33846, 33948, 33951, 34020);\n script_xref(name:\"USN\", value:\"751-1\");\n\n script_name(english:\"Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NFS did not correctly handle races between fcntl and interrupts. A\nlocal attacker on an NFS mount could consume unlimited kernel memory,\nleading to a denial of service. Ubuntu 8.10 was not affected.\n(CVE-2008-4307)\n\nSparc syscalls did not correctly check mmap regions. A local attacker\ncould cause a system panic, leading to a denial of service. Ubuntu\n8.10 was not affected. (CVE-2008-6107)\n\nIn certain situations, cloned processes were able to send signals to\nparent processes, crossing privilege boundaries. A local attacker\ncould send arbitrary signals to parent processes, leading to a denial\nof service. (CVE-2009-0028)\n\nThe kernel keyring did not free memory correctly. A local attacker\ncould consume unlimited kernel memory, leading to a denial of service.\n(CVE-2009-0031)\n\nThe SCTP stack did not correctly validate FORWARD-TSN packets. A\nremote attacker could send specially crafted SCTP traffic causing a\nsystem crash, leading to a denial of service. (CVE-2009-0065)\n\nThe eCryptfs filesystem did not correctly handle certain VFS return\ncodes. A local attacker with write-access to an eCryptfs filesystem\ncould cause a system crash, leading to a denial of service.\n(CVE-2009-0269)\n\nThe Dell platform device did not correctly validate user parameters. A\nlocal attacker could perform specially crafted reads to crash the\nsystem, leading to a denial of service. (CVE-2009-0322)\n\nThe page fault handler could consume stack memory. A local attacker\ncould exploit this to crash the system or gain root privileges with a\nKprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605)\n\nNetwork interfaces statistics for the SysKonnect FDDI driver did not\ncheck capabilities. A local user could reset statistics, potentially\ninterfering with packet accounting systems. (CVE-2009-0675)\n\nThe getsockopt function did not correctly clear certain parameters. A\nlocal attacker could read leaked kernel memory, leading to a loss of\nprivacy. (CVE-2009-0676)\n\nThe ext4 filesystem did not correctly clear group descriptors when\nresizing. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2009-0745)\n\nThe ext4 filesystem did not correctly validate certain fields. A local\nattacker could mount a malicious ext4 filesystem, causing a system\ncrash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747,\nCVE-2009-0748)\n\nThe syscall interface did not correctly validate parameters when\ncrossing the 64-bit/32-bit boundary. A local attacker could bypass\ncertain syscall restricts via crafted syscalls. (CVE-2009-0834,\nCVE-2009-0835)\n\nThe shared memory subsystem did not correctly handle certain shmctl\ncalls when CONFIG_SHMEM was disabled. Ubuntu kernels were not\nvulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859)\n\nThe virtual consoles did not correctly handle certain UTF-8 sequences.\nA local attacker on the physical console could exploit this to cause a\nsystem crash, leading to a denial of service. (CVE-2009-1046).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/751-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(7\\.10|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 7.10 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-4307\", \"CVE-2008-6107\", \"CVE-2009-0028\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0605\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0746\", \"CVE-2009-0747\", \"CVE-2009-0748\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-751-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-doc-2.6.22\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-386\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-generic\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-rt\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-server\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-ume\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-virtual\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-headers-2.6.22-16-xen\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-386\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-cell\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-generic\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpia\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-lpiacompat\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-rt\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-server\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-ume\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-virtual\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-2.6.22-16-xen\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-386\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-generic\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-server\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-image-debug-2.6.22-16-virtual\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"7.10\", pkgname:\"linux-source-2.6.22\", pkgver:\"2.6.22-16.62\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-386\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-generic\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-openvz\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-rt\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-server\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-virtual\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-23-xen\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-386\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-generic\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpia\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-lpiacompat\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-openvz\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-rt\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-server\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-virtual\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-23-xen\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-386\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-generic\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-server\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-23-virtual\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-23.52\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-generic\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-11-server\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-generic\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-server\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-11-virtual\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-11.31\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-11.31\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.22 / linux-doc-2.6.24 / linux-doc-2.6.27 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:40:43", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\nCVE-2008-4307 Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improper handling of a race between fcntl and close in the EINTR case.\n\nCVE-2009-1337 The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\nCVE-2009-0834 The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.\n\nCVE-2009-1336 fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the encode_lookup function.\n\n - CVE-2008-4307 -[nfs] remove bogus lock-if-signalled case (Bryn M. Reeves) [456287 456288]\n\n - CVE-2009-1337 - [misc] exit_notify: kill the wrong capable check \n\n - CVE-2009-0834 - [ptrace] audit_syscall_entry to use right syscall number (Jiri Pirko) [488001 488002]\n\n - CVE-2009-1336 - [nfs] v4: client crash on file lookup with long names (Sachin S. Prabhu) [494078 493942]", "cvss3": {}, "published": "2014-11-26T00:00:00", "type": "nessus", "title": "OracleVM 2.1 : kernel (OVMSA-2009-0009)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2009-0342", "CVE-2009-0343", "CVE-2009-0834", "CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-BOOT", "p-cpe:/a:oracle:vm:kernel-BOOT-devel", "p-cpe:/a:oracle:vm:kernel-kdump", "p-cpe:/a:oracle:vm:kernel-kdump-devel", "p-cpe:/a:oracle:vm:kernel-ovs", "p-cpe:/a:oracle:vm:kernel-ovs-devel", "cpe:/o:oracle:vm_server:2.1"], "id": "ORACLEVM_OVMSA-2009-0009.NASL", "href": "https://www.tenable.com/plugins/nessus/79456", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2009-0009.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79456);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2009-0342\", \"CVE-2009-0343\", \"CVE-2009-0834\", \"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(33417, 33951, 34405);\n\n script_name(english:\"OracleVM 2.1 : kernel (OVMSA-2009-0009)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\nCVE-2008-4307 Race condition in the do_setlk function in fs/nfs/file.c\nin the Linux kernel before 2.6.26 allows local users to cause a denial\nof service (crash) via vectors resulting in an interrupted RPC call\nthat leads to a stray FL_POSIX lock, related to improper handling of a\nrace between fcntl and close in the EINTR case.\n\nCVE-2009-1337 The exit_notify function in kernel/exit.c in the Linux\nkernel before 2.6.30-rc1 does not restrict exit signals when the\nCAP_KILL capability is held, which allows local users to send an\narbitrary signal to a process by running a program that modifies the\nexit_signal field and then uses an exec system call to launch a setuid\napplication.\n\nCVE-2009-0834 The audit_syscall_entry function in the Linux kernel\n2.6.28.7 and earlier on the x86_64 platform does not properly handle\n(1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process\nmaking a 32-bit syscall, which allows local users to bypass certain\nsyscall audit configurations via crafted syscalls, a related issue to\nCVE-2009-0342 and CVE-2009-0343.\n\nCVE-2009-1336 fs/nfs/client.c in the Linux kernel before 2.6.23 does\nnot properly initialize a certain structure member that stores the\nmaximum NFS filename length, which allows local users to cause a\ndenial of service (OOPS) via a long filename, related to the\nencode_lookup function.\n\n - CVE-2008-4307 -[nfs] remove bogus lock-if-signalled case\n (Bryn M. Reeves) [456287 456288]\n\n - CVE-2009-1337 - [misc] exit_notify: kill the wrong\n capable check \n\n - CVE-2009-0834 - [ptrace] audit_syscall_entry to use\n right syscall number (Jiri Pirko) [488001 488002]\n\n - CVE-2009-1336 - [nfs] v4: client crash on file lookup\n with long names (Sachin S. Prabhu) [494078 493942]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2009-May/000023.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-BOOT-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-ovs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"2\\.1\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 2.1\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-BOOT-devel-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-kdump-devel-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-2.6.18-8.1.15.1.32.el5\")) flag++;\nif (rpm_check(release:\"OVS2.1\", reference:\"kernel-ovs-devel-2.6.18-8.1.15.1.32.el5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-BOOT / kernel-BOOT-devel / kernel-kdump / kernel-kdump-devel / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:08:57", "description": "This Linux kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and several security issues.\n\nThe following security issues were fixed: CVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an 'inverted logic' issue.\n\n - The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)\n\n - The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit. (CVE-2009-0028)\n\n - The Linux kernel does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits. (CVE-2008-1294)\n\n - Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. (CVE-2009-0065)\n\n - The console selection feature in the Linux kernel when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an an off-by-two memory error. It is is not clear if this can be exploited at all. (CVE-2009-1046)\n\nAlso a huge number of regular bugs were fixed, please see the RPM changelog for full details.", "cvss3": {}, "published": "2009-09-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6109)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1294", "CVE-2009-0028", "CVE-2009-0065", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-1046"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6109.NASL", "href": "https://www.tenable.com/plugins/nessus/41538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41538);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1294\", \"CVE-2009-0028\", \"CVE-2009-0065\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-1046\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6109)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for SUSE Linux Enterprise 10 Service Pack 2\nfixes various bugs and several security issues.\n\nThe following security issues were fixed: CVE-2009-0675: The\nskfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel\npermits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability\nis absent, instead of when this capability is present, which allows\nlocal users to reset the driver statistics, related to an 'inverted\nlogic' issue.\n\n - The sock_getsockopt function in net/core/sock.c in the\n Linux kernel does not initialize a certain structure\n member, which allows local users to obtain potentially\n sensitive information from kernel memory via an\n SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)\n\n - The clone system call in the Linux kernel allows local\n users to send arbitrary signals to a parent process from\n an unprivileged child process by launching an additional\n child process with the CLONE_PARENT flag, and then\n letting this new process exit. (CVE-2009-0028)\n\n - The Linux kernel does not check when a user attempts to\n set RLIMIT_CPU to 0 until after the change is made,\n which allows local users to bypass intended resource\n limits. (CVE-2008-1294)\n\n - Buffer overflow in net/sctp/sm_statefuns.c in the Stream\n Control Transmission Protocol (sctp) implementation in\n the Linux kernel allows remote attackers to have an\n unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk\n with a large stream ID. (CVE-2009-0065)\n\n - The console selection feature in the Linux kernel when\n the UTF-8 console is used, allows physically proximate\n attackers to cause a denial of service (memory\n corruption) by selecting a small number of 3-byte UTF-8\n characters, which triggers an an off-by-two memory\n error. It is is not clear if this can be exploited at\n all. (CVE-2009-1046)\n\nAlso a huge number of regular bugs were fixed, please see the RPM\nchangelog for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1294.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0065.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0675.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0676.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1046.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6109.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.37_f594963d\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:23:57", "description": "This Linux kernel update for SUSE Linux Enterprise 10 Service Pack 2 fixes various bugs and several security issues.\n\nThe following security issues were fixed: CVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an 'inverted logic' issue.\n\n - The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)\n\n - The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit. (CVE-2009-0028)\n\n - The Linux kernel does not check when a user attempts to set RLIMIT_CPU to 0 until after the change is made, which allows local users to bypass intended resource limits. (CVE-2008-1294)\n\n - Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. (CVE-2009-0065)\n\n - The console selection feature in the Linux kernel when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an an off-by-two memory error. It is is not clear if this can be exploited at all. (CVE-2009-1046)\n\nAlso a huge number of regular bugs were fixed, please see the RPM changelog for full details.", "cvss3": {}, "published": "2012-05-17T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6113)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1294", "CVE-2009-0028", "CVE-2009-0065", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-1046"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-6113.NASL", "href": "https://www.tenable.com/plugins/nessus/59136", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59136);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1294\", \"CVE-2009-0028\", \"CVE-2009-0065\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-1046\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6113)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for SUSE Linux Enterprise 10 Service Pack 2\nfixes various bugs and several security issues.\n\nThe following security issues were fixed: CVE-2009-0675: The\nskfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel\npermits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability\nis absent, instead of when this capability is present, which allows\nlocal users to reset the driver statistics, related to an 'inverted\nlogic' issue.\n\n - The sock_getsockopt function in net/core/sock.c in the\n Linux kernel does not initialize a certain structure\n member, which allows local users to obtain potentially\n sensitive information from kernel memory via an\n SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)\n\n - The clone system call in the Linux kernel allows local\n users to send arbitrary signals to a parent process from\n an unprivileged child process by launching an additional\n child process with the CLONE_PARENT flag, and then\n letting this new process exit. (CVE-2009-0028)\n\n - The Linux kernel does not check when a user attempts to\n set RLIMIT_CPU to 0 until after the change is made,\n which allows local users to bypass intended resource\n limits. (CVE-2008-1294)\n\n - Buffer overflow in net/sctp/sm_statefuns.c in the Stream\n Control Transmission Protocol (sctp) implementation in\n the Linux kernel allows remote attackers to have an\n unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk\n with a large stream ID. (CVE-2009-0065)\n\n - The console selection feature in the Linux kernel when\n the UTF-8 console is used, allows physically proximate\n attackers to cause a denial of service (memory\n corruption) by selecting a small number of 3-byte UTF-8\n characters, which triggers an an off-by-two memory\n error. It is is not clear if this can be exploited at\n all. (CVE-2009-1046)\n\nAlso a huge number of regular bugs were fixed, please see the RPM\nchangelog for full details.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-1294.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0065.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0675.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0676.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1046.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6113.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.37_f594963d\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.37_f594963d\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:51:59", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all of kernel memory.\n\n - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users.\n\n - CVE-2009-0269 Duane Griffin provided a fix for an issue in the eCryptfs subsystem which allows local users to cause a denial of service (fault or memory corruption).\n\n - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n - CVE-2009-0745 Peter Kerwien discovered an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) during a resize operation.\n\n - CVE-2009-0746 Sami Liedes reported an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) when accessing a specially crafted corrupt filesystem.\n\n - CVE-2009-0747 David Maciejak reported an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) when mounting a specially crafted corrupt filesystem.\n\n - CVE-2009-0748 David Maciejak reported an additional issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) when mounting a specially crafted corrupt filesystem.", "cvss3": {}, "published": "2009-03-23T00:00:00", "type": "nessus", "title": "Debian DSA-1749-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1749.NASL", "href": "https://www.tenable.com/plugins/nessus/35987", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1749. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35987);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0746\", \"CVE-2009-0747\", \"CVE-2009-0748\");\n script_bugtraq_id(33113, 33846);\n script_xref(name:\"DSA\", value:\"1749\");\n\n script_name(english:\"Debian DSA-1749-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2009-0029\n Christian Borntraeger discovered an issue effecting the\n alpha, mips, powerpc, s390 and sparc64 architectures\n that allows local users to cause a denial of service or\n potentially gain elevated privileges.\n\n - CVE-2009-0031\n Vegard Nossum discovered a memory leak in the keyctl\n subsystem that allows local users to cause a denial of\n service by consuming all of kernel memory.\n\n - CVE-2009-0065\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users.\n\n - CVE-2009-0269\n Duane Griffin provided a fix for an issue in the\n eCryptfs subsystem which allows local users to cause a\n denial of service (fault or memory corruption).\n\n - CVE-2009-0322\n Pavel Roskin provided a fix for an issue in the dell_rbu\n driver that allows a local user to cause a denial of\n service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0676\n Clement LECIGNE discovered a bug in the sock_getsockopt\n function that may result in leaking sensitive kernel\n memory.\n\n - CVE-2009-0675\n Roel Kluin discovered inverted logic in the skfddi\n driver that permits local, unprivileged users to reset\n the driver statistics.\n\n - CVE-2009-0745\n Peter Kerwien discovered an issue in the ext4 filesystem\n that allows local users to cause a denial of service\n (kernel oops) during a resize operation.\n\n - CVE-2009-0746\n Sami Liedes reported an issue in the ext4 filesystem\n that allows local users to cause a denial of service\n (kernel oops) when accessing a specially crafted corrupt\n filesystem.\n\n - CVE-2009-0747\n David Maciejak reported an issue in the ext4 filesystem\n that allows local users to cause a denial of service\n (kernel oops) when mounting a specially crafted corrupt\n filesystem.\n\n - CVE-2009-0748\n David Maciejak reported an additional issue in the ext4\n filesystem that allows local users to cause a denial of\n service (kernel oops) when mounting a specially crafted\n corrupt filesystem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1749\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6 packages.\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in future updates to linux-2.6 and\nlinux-2.6.24.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-13lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"linux-doc-2.6.26\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-486\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-4kc-malta\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-5kc-malta\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-686-bigmem\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-alpha\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-arm\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-armel\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-hppa\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-i386\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-ia64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-mips\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-mipsel\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-powerpc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-s390\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-all-sparc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-alpha-generic\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-alpha-legacy\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-alpha-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-common\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-common-openvz\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-common-vserver\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-common-xen\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-footbridge\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-iop32x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-itanium\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-ixp4xx\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-mckinley\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-openvz-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-openvz-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-orion5x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-parisc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-parisc-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-parisc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-parisc64-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-powerpc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-powerpc-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-powerpc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-r4k-ip22\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-r5k-cobalt\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-r5k-ip32\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-s390\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-s390x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-sb1-bcm91250a\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-sb1a-bcm91480b\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-sparc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-sparc64-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-versatile\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-686-bigmem\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-itanium\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-mckinley\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-powerpc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-powerpc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-s390x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-vserver-sparc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-xen-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-1-xen-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-486\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-4kc-malta\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-5kc-malta\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-686-bigmem\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-alpha-generic\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-alpha-legacy\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-alpha-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-footbridge\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-iop32x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-itanium\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-ixp4xx\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-mckinley\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-openvz-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-openvz-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-orion5x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-parisc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-parisc-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-parisc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-parisc64-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-powerpc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-powerpc-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-powerpc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-r4k-ip22\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-r5k-cobalt\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-r5k-ip32\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-s390\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-s390-tape\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-s390x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-sb1-bcm91250a\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-sb1a-bcm91480b\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-sparc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-sparc64-smp\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-versatile\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-686-bigmem\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-itanium\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-mckinley\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-powerpc\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-powerpc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-s390x\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-vserver-sparc64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-xen-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-1-xen-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-libc-dev\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-manual-2.6.26\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-1-xen-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-1-xen-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-patch-debian-2.6.26\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-source-2.6.26\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-support-2.6.26-1\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-tree-2.6.26\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-1-xen-686\", reference:\"2.6.26-13lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-1-xen-amd64\", reference:\"2.6.26-13lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:15:05", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n(CVE-2009-1337)\n\nThe selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. (CVE-2009-1184)\n\ndrivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192)\n\nInteger overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes garbage memory to be sent. (CVE-2009-1265)\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:119)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1265", "CVE-2009-1337"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:em8300-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.29.3-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:libafs-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-server-latest", "p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nouveau-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nouveau-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nouveau-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:syntek-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.1"], "id": "MANDRIVA_MDVSA-2009-119.NASL", "href": "https://www.tenable.com/plugins/nessus/48145", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:119. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48145);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1265\", \"CVE-2009-1337\");\n script_bugtraq_id(34405, 34654, 34673);\n script_xref(name:\"MDVSA\", value:\"2009:119\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:119)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe exit_notify function in kernel/exit.c in the Linux kernel before\n2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability\nis held, which allows local users to send an arbitrary signal to a\nprocess by running a program that modifies the exit_signal field and\nthen uses an exec system call to launch a setuid application.\n(CVE-2009-1337)\n\nThe selinux_ip_postroute_iptables_compat function in\nsecurity/selinux/hooks.c in the SELinux subsystem in the Linux kernel\nbefore 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is\nenabled, omits calls to avc_has_perm for the (1) node and (2) port,\nwhich allows local users to bypass intended restrictions on network\ntraffic. NOTE: this was incorrectly reported as an issue fixed in\n2.6.27.21. (CVE-2009-1184)\n\ndrivers/char/agp/generic.c in the agp subsystem in the Linux kernel\nbefore 2.6.30-rc3 does not zero out pages that may later be available\nto a user-space process, which allows local users to obtain sensitive\ninformation by reading these pages. (CVE-2009-1192)\n\nInteger overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux\nkernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow\nremote attackers to obtain sensitive information via a large length\nvalue, which causes garbage memory to be sent. (CVE-2009-1265)\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 119, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:em8300-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.29.3-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libafs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:netfilter-rtsp-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nouveau-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:syntek-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.3-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.29.3-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-2.6.29.3-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20090515.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-2.6.29.3-desktop-1mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"broadcom-wl-kernel-2.6.29.3-desktop586-1mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-2.6.29.3-server-1mnb-5.10.79.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-desktop-latest-5.10.79.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"broadcom-wl-kernel-desktop586-latest-5.10.79.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"broadcom-wl-kernel-server-latest-5.10.79.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-2.6.29.3-desktop-1mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"em8300-kernel-2.6.29.3-desktop586-1mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-2.6.29.3-server-1mnb-0.17.2-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-desktop-latest-0.17.2-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"em8300-kernel-desktop586-latest-0.17.2-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"em8300-kernel-server-latest-0.17.2-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.3-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.3-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.29.3-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20090515.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-2.6.29.3-desktop-1mnb-8.600-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.29.3-desktop586-1mnb-8.600-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-2.6.29.3-server-1mnb-8.600-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-desktop-latest-8.600-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.600-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"fglrx-kernel-server-latest-8.600-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.3-desktop-1mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.3-desktop586-1mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.29.3-server-1mnb-1.18-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.18-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.18-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.18-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-2.6.29.3-desktop-1mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.29.3-desktop586-1mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-2.6.29.3-server-1mnb-7.80.02.03-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-desktop-latest-7.80.02.03-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.80.02.03-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hsfmodem-kernel-server-latest-7.80.02.03-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-2.6.29.3-desktop-1mnb-1.2-3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hso-kernel-2.6.29.3-desktop586-1mnb-1.2-3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-2.6.29.3-server-1mnb-1.2-3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-desktop-latest-1.2-1.20090515.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20090515.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"hso-kernel-server-latest-1.2-1.20090515.3mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-devel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-devel-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-desktop-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-doc-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-devel-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-devel-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-server-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-source-2.6.29.3-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kernel-source-latest-2.6.29.3-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-2.6.29.3-desktop-1mnb-1.4.0pre1-4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.29.3-desktop586-1mnb-1.4.0pre1-4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-2.6.29.3-server-1mnb-1.4.0pre1-4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20090515.4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20090515.4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20090515.4\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-2.6.29.3-desktop-1mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libafs-kernel-2.6.29.3-desktop586-1mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-2.6.29.3-server-1mnb-1.4.10-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-desktop-latest-1.4.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libafs-kernel-desktop586-latest-1.4.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"libafs-kernel-server-latest-1.4.10-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-2.6.29.3-desktop-1mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lirc-kernel-2.6.29.3-desktop586-1mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-2.6.29.3-server-1mnb-0.8.5-0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-desktop-latest-0.8.5-1.20090515.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.5-1.20090515.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lirc-kernel-server-latest-0.8.5-1.20090515.0.20090320.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-2.6.29.3-desktop-1mnb-4.43-27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lzma-kernel-2.6.29.3-desktop586-1mnb-4.43-27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-2.6.29.3-server-1mnb-4.43-27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-desktop-latest-4.43-1.20090515.27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20090515.27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"lzma-kernel-server-latest-4.43-1.20090515.27mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-2.6.29.3-desktop-1mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.29.3-desktop586-1mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-2.6.29.3-server-1mnb-0.9.4-4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20090515.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20090515.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20090515.4.r3998mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb-2.6.26-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"netfilter-rtsp-kernel-2.6.29.3-desktop586-1mnb-2.6.26-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-2.6.29.3-server-1mnb-2.6.26-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-desktop-latest-2.6.26-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"netfilter-rtsp-kernel-desktop586-latest-2.6.26-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"netfilter-rtsp-kernel-server-latest-2.6.26-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-2.6.29.3-desktop-1mnb-0.0.12-0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nouveau-kernel-2.6.29.3-desktop586-1mnb-0.0.12-0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-2.6.29.3-server-1mnb-0.0.12-0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-desktop-latest-0.0.12-1.20090515.0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nouveau-kernel-desktop586-latest-0.0.12-1.20090515.0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nouveau-kernel-server-latest-0.0.12-1.20090515.0.20090329.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-2.6.29.3-desktop-1mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.29.3-desktop586-1mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-2.6.29.3-server-1mnb-180.51-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-desktop-latest-180.51-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-180.51-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia-current-kernel-server-latest-180.51-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-2.6.29.3-desktop-1mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.29.3-desktop586-1mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-2.6.29.3-server-1mnb-173.14.18-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-desktop-latest-173.14.18-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.18-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia173-kernel-server-latest-173.14.18-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-2.6.29.3-desktop-1mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.29.3-desktop586-1mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-2.6.29.3-server-1mnb-96.43.11-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.11-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.11-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"nvidia96xx-kernel-server-latest-96.43.11-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-2.6.29.3-desktop-1mnb-0.4.2a-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.29.3-desktop586-1mnb-0.4.2a-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-2.6.29.3-server-1mnb-0.4.2a-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-2.6.29.3-desktop-1mnb-1.4.0.0-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.29.3-desktop586-1mnb-1.4.0.0-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-2.6.29.3-server-1mnb-1.4.0.0-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-desktop-latest-1.4.0.0-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.4.0.0-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"rt2870-kernel-server-latest-1.4.0.0-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.3-desktop-1mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.3-desktop586-1mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.29.3-server-1mnb-2.9.11-0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20090515.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20090515.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20090515.0.20080817.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-2.6.29.3-desktop-1mnb-3.4-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-kernel-2.6.29.3-desktop586-1mnb-3.4-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-2.6.29.3-server-1mnb-3.4-1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-desktop-latest-3.4-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-kernel-desktop586-latest-3.4-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-kernel-server-latest-3.4-1.20090515.1mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-2.6.29.3-desktop-1mnb-3.3-10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.29.3-desktop586-1mnb-3.3-10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-2.6.29.3-server-1mnb-3.3-10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20090515.10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20090515.10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20090515.10mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.29.3-desktop-1mnb-1.3.1-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.29.3-desktop586-1mnb-1.3.1-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-2.6.29.3-server-1mnb-1.3.1-5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-desktop-latest-1.3.1-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-desktop586-latest-1.3.1-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"syntek-kernel-server-latest-1.3.1-1.20090515.5mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-2.6.29.3-desktop-1mnb-0.40-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.29.3-desktop586-1mnb-0.40-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-2.6.29.3-server-1mnb-0.40-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-desktop-latest-0.40-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.40-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tp_smapi-kernel-server-latest-0.40-1.20090515.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-2.6.29.3-desktop-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vboxadditions-kernel-2.6.29.3-desktop586-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-2.6.29.3-server-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-desktop-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vboxadditions-kernel-desktop586-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vboxadditions-kernel-server-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-2.6.29.3-desktop-1mnb-1.2.1-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vhba-kernel-2.6.29.3-desktop586-1mnb-1.2.1-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-2.6.29.3-server-1mnb-1.2.1-2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-desktop-latest-1.2.1-1.20090519.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.2.1-1.20090519.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vhba-kernel-server-latest-1.2.1-1.20090519.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-2.6.29.3-desktop-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.29.3-desktop586-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-2.6.29.3-server-1mnb-2.2.0-4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-desktop-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"virtualbox-kernel-server-latest-2.2.0-1.20090515.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-2.6.29.3-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.29.3-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-2.6.29.3-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20090515.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-11T14:26:50", "description": "This update addresses the following security issues :\n\n - a buffer overflow was found in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n - a memory leak was found in keyctl handling. A local, unprivileged user could use this flaw to deplete kernel memory, eventually leading to a denial of service.\n (CVE-2009-0031, Important)\n\n - a deficiency was found in the Remote BIOS Update (RBU) driver for Dell systems. This could allow a local, unprivileged user to cause a denial of service by reading zero bytes from the image_type or packet_size file in '/sys/devices/platform/dell_rbu/'.\n (CVE-2009-0322, Important)\n\n - a deficiency was found in the libATA implementation.\n This could, potentially, lead to a denial of service.\n Note: by default, '/dev/sg*' devices are accessible only to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n - when the hypervisor changed a page table entry (pte) mapping from read-only to writable via a make_writable hypercall, accessing the changed page immediately following the change caused a spurious page fault. When trying to install a para-virtualized Scientific Linux 4 guest on a Scientific Linux 5.3 dom0 host, this fault crashed the installer with a kernel backtrace. With this update, the 'spurious' page fault is handled properly.\n (BZ#483748)\n\n - net_rx_action could detect its cpu poll_list as non-empty, but have that same list reduced to empty by the poll_napi path. This resulted in garbage data being returned when net_rx_action calls list_entry, which subsequently resulted in several possible crash conditions. The race condition in the network code which caused this has been fixed. (BZ#475970, BZ#479681 &\n BZ#480741)\n\n - a misplaced memory barrier at unlock_buffer() could lead to a concurrent h_refcounter update which produced a reference counter leak and, later, a double free in ext3_xattr_release_block(). Consequent to the double free, ext3 reported an error\n\n ext3_free_blocks_sb: bit already cleared for block [block number]\n\n and mounted itself as read-only. With this update, the memory barrier is now placed before the buffer head lock bit, forcing the write order and preventing the double free. (BZ#476533)\n\n - when the iptables module was unloaded, it was assumed the correct entry for removal had been found if 'wrapper->ops->pf' matched the value passed in by 'reg->pf'. If several ops ranges were registered against the same protocol family, however, (which was likely if you had both ip_conntrack and ip_contrack_* loaded) this assumption could lead to NULL list pointers and cause a kernel panic. With this update, 'wrapper->ops' is matched to pointer values 'reg', which ensures the correct entry is removed and results in no NULL list pointers. (BZ#477147)\n\n - when the pidmap page (used for tracking process ids, pids) incremented to an even page (ie the second, fourth, sixth, etc. pidmap page), the alloc_pidmap() routine skipped the page. This resulted in 'holes' in the allocated pids. For example, after pid 32767, you would expect 32768 to be allocated. If the page skipping behavior presented, however, the pid allocated after 32767 was 65536. With this update, alloc_pidmap() no longer skips alternate pidmap pages and allocated pid holes no longer occur. This fix also corrects an error which allowed pid_max to be set higher than the pid_max limit has been corrected. (BZ#479182)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5700", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0322"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090312_KERNEL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60543", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60543);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5700\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL4.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update addresses the following security issues :\n\n - a buffer overflow was found in the Linux kernel Partial\n Reliable Stream Control Transmission Protocol (PR-SCTP)\n implementation. This could, potentially, lead to a\n denial of service if a Forward-TSN chunk is received\n with a large stream ID. (CVE-2009-0065, Important)\n\n - a memory leak was found in keyctl handling. A local,\n unprivileged user could use this flaw to deplete kernel\n memory, eventually leading to a denial of service.\n (CVE-2009-0031, Important)\n\n - a deficiency was found in the Remote BIOS Update (RBU)\n driver for Dell systems. This could allow a local,\n unprivileged user to cause a denial of service by\n reading zero bytes from the image_type or packet_size\n file in '/sys/devices/platform/dell_rbu/'.\n (CVE-2009-0322, Important)\n\n - a deficiency was found in the libATA implementation.\n This could, potentially, lead to a denial of service.\n Note: by default, '/dev/sg*' devices are accessible only\n to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n - when the hypervisor changed a page table entry (pte)\n mapping from read-only to writable via a make_writable\n hypercall, accessing the changed page immediately\n following the change caused a spurious page fault. When\n trying to install a para-virtualized Scientific Linux 4\n guest on a Scientific Linux 5.3 dom0 host, this fault\n crashed the installer with a kernel backtrace. With this\n update, the 'spurious' page fault is handled properly.\n (BZ#483748)\n\n - net_rx_action could detect its cpu poll_list as\n non-empty, but have that same list reduced to empty by\n the poll_napi path. This resulted in garbage data being\n returned when net_rx_action calls list_entry, which\n subsequently resulted in several possible crash\n conditions. The race condition in the network code which\n caused this has been fixed. (BZ#475970, BZ#479681 &\n BZ#480741)\n\n - a misplaced memory barrier at unlock_buffer() could lead\n to a concurrent h_refcounter update which produced a\n reference counter leak and, later, a double free in\n ext3_xattr_release_block(). Consequent to the double\n free, ext3 reported an error\n\n ext3_free_blocks_sb: bit already cleared for block\n [block number]\n\n and mounted itself as read-only. With this update, the\n memory barrier is now placed before the buffer head lock\n bit, forcing the write order and preventing the double\n free. (BZ#476533)\n\n - when the iptables module was unloaded, it was assumed\n the correct entry for removal had been found if\n 'wrapper->ops->pf' matched the value passed in by\n 'reg->pf'. If several ops ranges were registered against\n the same protocol family, however, (which was likely if\n you had both ip_conntrack and ip_contrack_* loaded) this\n assumption could lead to NULL list pointers and cause a\n kernel panic. With this update, 'wrapper->ops' is\n matched to pointer values 'reg', which ensures the\n correct entry is removed and results in no NULL list\n pointers. (BZ#477147)\n\n - when the pidmap page (used for tracking process ids,\n pids) incremented to an even page (ie the second,\n fourth, sixth, etc. pidmap page), the alloc_pidmap()\n routine skipped the page. This resulted in 'holes' in\n the allocated pids. For example, after pid 32767, you\n would expect 32768 to be allocated. If the page skipping\n behavior presented, however, the pid allocated after\n 32767 was 65536. With this update, alloc_pidmap() no\n longer skips alternate pidmap pages and allocated pid\n holes no longer occur. This fix also corrects an error\n which allowed pid_max to be set higher than the pid_max\n limit has been corrected. (BZ#479182)\n\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=475970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=476533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=477147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=479681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=480741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=483748\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0903&L=scientific-linux-errata&T=0&P=1320\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0c1087c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"kernel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-doc-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-smp-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"kernel-xenU-devel-2.6.9-78.0.17.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:57:58", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* a buffer overflow was found in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n* a memory leak was found in keyctl handling. A local, unprivileged user could use this flaw to deplete kernel memory, eventually leading to a denial of service. (CVE-2009-0031, Important)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell systems. This could allow a local, unprivileged user to cause a denial of service by reading zero bytes from the image_type or packet_size file in '/sys/devices/platform/dell_rbu/'. (CVE-2009-0322, Important)\n\n* a deficiency was found in the libATA implementation. This could, potentially, lead to a denial of service. Note: by default, '/dev/sg*' devices are accessible only to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n* when the hypervisor changed a page table entry (pte) mapping from read-only to writable via a make_writable hypercall, accessing the changed page immediately following the change caused a spurious page fault. When trying to install a para-virtualized Red Hat Enterprise Linux 4 guest on a Red Hat Enterprise Linux 5.3 dom0 host, this fault crashed the installer with a kernel backtrace. With this update, the 'spurious' page fault is handled properly. (BZ#483748)\n\n* net_rx_action could detect its cpu poll_list as non-empty, but have that same list reduced to empty by the poll_napi path. This resulted in garbage data being returned when net_rx_action calls list_entry, which subsequently resulted in several possible crash conditions. The race condition in the network code which caused this has been fixed.\n(BZ#475970, BZ#479681 & BZ#480741)\n\n* a misplaced memory barrier at unlock_buffer() could lead to a concurrent h_refcounter update which produced a reference counter leak and, later, a double free in ext3_xattr_release_block(). Consequent to the double free, ext3 reported an error\n\next3_free_blocks_sb: bit already cleared for block [block number]\n\nand mounted itself as read-only. With this update, the memory barrier is now placed before the buffer head lock bit, forcing the write order and preventing the double free. (BZ#476533)\n\n* when the iptables module was unloaded, it was assumed the correct entry for removal had been found if 'wrapper->ops->pf' matched the value passed in by 'reg->pf'. If several ops ranges were registered against the same protocol family, however, (which was likely if you had both ip_conntrack and ip_contrack_* loaded) this assumption could lead to NULL list pointers and cause a kernel panic. With this update, 'wrapper->ops' is matched to pointer values 'reg', which ensures the correct entry is removed and results in no NULL list pointers.\n(BZ#477147)\n\n* when the pidmap page (used for tracking process ids, pids) incremented to an even page (ie the second, fourth, sixth, etc. pidmap page), the alloc_pidmap() routine skipped the page. This resulted in 'holes' in the allocated pids. For example, after pid 32767, you would expect 32768 to be allocated. If the page skipping behavior presented, however, the pid allocated after 32767 was 65536. With this update, alloc_pidmap() no longer skips alternate pidmap pages and allocated pid holes no longer occur. This fix also corrects an error which allowed pid_max to be set higher than the pid_max limit has been corrected. (BZ#479182)\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2010-01-06T00:00:00", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2009:0331)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5700", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0322"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-hugemem", "p-cpe:/a:centos:centos:kernel-hugemem-devel", "p-cpe:/a:centos:centos:kernel-largesmp", "p-cpe:/a:centos:centos:kernel-largesmp-devel", "p-cpe:/a:centos:centos:kernel-smp", "p-cpe:/a:centos:centos:kernel-smp-devel", "p-cpe:/a:centos:centos:kernel-xenU", "p-cpe:/a:centos:centos:kernel-xenU-devel", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-0331.NASL", "href": "https://www.tenable.com/plugins/nessus/43730", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0331 and \n# CentOS Errata and Security Advisory 2009:0331 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43730);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-5700\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\");\n script_bugtraq_id(33113);\n script_xref(name:\"RHSA\", value:\"2009:0331\");\n\n script_name(english:\"CentOS 4 : kernel (CESA-2009:0331)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* a buffer overflow was found in the Linux kernel Partial Reliable\nStream Control Transmission Protocol (PR-SCTP) implementation. This\ncould, potentially, lead to a denial of service if a Forward-TSN chunk\nis received with a large stream ID. (CVE-2009-0065, Important)\n\n* a memory leak was found in keyctl handling. A local, unprivileged\nuser could use this flaw to deplete kernel memory, eventually leading\nto a denial of service. (CVE-2009-0031, Important)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for\nDell systems. This could allow a local, unprivileged user to cause a\ndenial of service by reading zero bytes from the image_type or\npacket_size file in '/sys/devices/platform/dell_rbu/'. (CVE-2009-0322,\nImportant)\n\n* a deficiency was found in the libATA implementation. This could,\npotentially, lead to a denial of service. Note: by default, '/dev/sg*'\ndevices are accessible only to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n* when the hypervisor changed a page table entry (pte) mapping from\nread-only to writable via a make_writable hypercall, accessing the\nchanged page immediately following the change caused a spurious page\nfault. When trying to install a para-virtualized Red Hat Enterprise\nLinux 4 guest on a Red Hat Enterprise Linux 5.3 dom0 host, this fault\ncrashed the installer with a kernel backtrace. With this update, the\n'spurious' page fault is handled properly. (BZ#483748)\n\n* net_rx_action could detect its cpu poll_list as non-empty, but have\nthat same list reduced to empty by the poll_napi path. This resulted\nin garbage data being returned when net_rx_action calls list_entry,\nwhich subsequently resulted in several possible crash conditions. The\nrace condition in the network code which caused this has been fixed.\n(BZ#475970, BZ#479681 & BZ#480741)\n\n* a misplaced memory barrier at unlock_buffer() could lead to a\nconcurrent h_refcounter update which produced a reference counter leak\nand, later, a double free in ext3_xattr_release_block(). Consequent to\nthe double free, ext3 reported an error\n\next3_free_blocks_sb: bit already cleared for block [block number]\n\nand mounted itself as read-only. With this update, the memory barrier\nis now placed before the buffer head lock bit, forcing the write order\nand preventing the double free. (BZ#476533)\n\n* when the iptables module was unloaded, it was assumed the correct\nentry for removal had been found if 'wrapper->ops->pf' matched the\nvalue passed in by 'reg->pf'. If several ops ranges were registered\nagainst the same protocol family, however, (which was likely if you\nhad both ip_conntrack and ip_contrack_* loaded) this assumption could\nlead to NULL list pointers and cause a kernel panic. With this update,\n'wrapper->ops' is matched to pointer values 'reg', which ensures the\ncorrect entry is removed and results in no NULL list pointers.\n(BZ#477147)\n\n* when the pidmap page (used for tracking process ids, pids)\nincremented to an even page (ie the second, fourth, sixth, etc. pidmap\npage), the alloc_pidmap() routine skipped the page. This resulted in\n'holes' in the allocated pids. For example, after pid 32767, you would\nexpect 32768 to be allocated. If the page skipping behavior presented,\nhowever, the pid allocated after 32767 was 65536. With this update,\nalloc_pidmap() no longer skips alternate pidmap pages and allocated\npid holes no longer occur. This fix also corrects an error which\nallowed pid_max to be set higher than the pid_max limit has been\ncorrected. (BZ#479182)\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\nThe system must be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015804.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bba327f1\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015805.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cb685b95\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-doc-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.17.EL\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.17.EL\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:51:32", "description": "Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* a buffer overflow was found in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n* a memory leak was found in keyctl handling. A local, unprivileged user could use this flaw to deplete kernel memory, eventually leading to a denial of service. (CVE-2009-0031, Important)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell systems. This could allow a local, unprivileged user to cause a denial of service by reading zero bytes from the image_type or packet_size file in '/sys/devices/platform/dell_rbu/'. (CVE-2009-0322, Important)\n\n* a deficiency was found in the libATA implementation. This could, potentially, lead to a denial of service. Note: by default, '/dev/sg*' devices are accessible only to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n* when the hypervisor changed a page table entry (pte) mapping from read-only to writable via a make_writable hypercall, accessing the changed page immediately following the change caused a spurious page fault. When trying to install a para-virtualized Red Hat Enterprise Linux 4 guest on a Red Hat Enterprise Linux 5.3 dom0 host, this fault crashed the installer with a kernel backtrace. With this update, the 'spurious' page fault is handled properly. (BZ#483748)\n\n* net_rx_action could detect its cpu poll_list as non-empty, but have that same list reduced to empty by the poll_napi path. This resulted in garbage data being returned when net_rx_action calls list_entry, which subsequently resulted in several possible crash conditions. The race condition in the network code which caused this has been fixed.\n(BZ#475970, BZ#479681 & BZ#480741)\n\n* a misplaced memory barrier at unlock_buffer() could lead to a concurrent h_refcounter update which produced a reference counter leak and, later, a double free in ext3_xattr_release_block(). Consequent to the double free, ext3 reported an error\n\next3_free_blocks_sb: bit already cleared for block [block number]\n\nand mounted itself as read-only. With this update, the memory barrier is now placed before the buffer head lock bit, forcing the write order and preventing the double free. (BZ#476533)\n\n* when the iptables module was unloaded, it was assumed the correct entry for removal had been found if 'wrapper->ops->pf' matched the value passed in by 'reg->pf'. If several ops ranges were registered against the same protocol family, however, (which was likely if you had both ip_conntrack and ip_contrack_* loaded) this assumption could lead to NULL list pointers and cause a kernel panic. With this update, 'wrapper->ops' is matched to pointer values 'reg', which ensures the correct entry is removed and results in no NULL list pointers.\n(BZ#477147)\n\n* when the pidmap page (used for tracking process ids, pids) incremented to an even page (ie the second, fourth, sixth, etc. pidmap page), the alloc_pidmap() routine skipped the page. This resulted in 'holes' in the allocated pids. For example, after pid 32767, you would expect 32768 to be allocated. If the page skipping behavior presented, however, the pid allocated after 32767 was 65536. With this update, alloc_pidmap() no longer skips alternate pidmap pages and allocated pid holes no longer occur. This fix also corrects an error which allowed pid_max to be set higher than the pid_max limit has been corrected. (BZ#479182)\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-03-13T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:0331)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5700", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0322"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0331.NASL", "href": "https://www.tenable.com/plugins/nessus/35919", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0331. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35919);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5700\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\");\n script_bugtraq_id(33113);\n script_xref(name:\"RHSA\", value:\"2009:0331\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:0331)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* a buffer overflow was found in the Linux kernel Partial Reliable\nStream Control Transmission Protocol (PR-SCTP) implementation. This\ncould, potentially, lead to a denial of service if a Forward-TSN chunk\nis received with a large stream ID. (CVE-2009-0065, Important)\n\n* a memory leak was found in keyctl handling. A local, unprivileged\nuser could use this flaw to deplete kernel memory, eventually leading\nto a denial of service. (CVE-2009-0031, Important)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for\nDell systems. This could allow a local, unprivileged user to cause a\ndenial of service by reading zero bytes from the image_type or\npacket_size file in '/sys/devices/platform/dell_rbu/'. (CVE-2009-0322,\nImportant)\n\n* a deficiency was found in the libATA implementation. This could,\npotentially, lead to a denial of service. Note: by default, '/dev/sg*'\ndevices are accessible only to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n* when the hypervisor changed a page table entry (pte) mapping from\nread-only to writable via a make_writable hypercall, accessing the\nchanged page immediately following the change caused a spurious page\nfault. When trying to install a para-virtualized Red Hat Enterprise\nLinux 4 guest on a Red Hat Enterprise Linux 5.3 dom0 host, this fault\ncrashed the installer with a kernel backtrace. With this update, the\n'spurious' page fault is handled properly. (BZ#483748)\n\n* net_rx_action could detect its cpu poll_list as non-empty, but have\nthat same list reduced to empty by the poll_napi path. This resulted\nin garbage data being returned when net_rx_action calls list_entry,\nwhich subsequently resulted in several possible crash conditions. The\nrace condition in the network code which caused this has been fixed.\n(BZ#475970, BZ#479681 & BZ#480741)\n\n* a misplaced memory barrier at unlock_buffer() could lead to a\nconcurrent h_refcounter update which produced a reference counter leak\nand, later, a double free in ext3_xattr_release_block(). Consequent to\nthe double free, ext3 reported an error\n\next3_free_blocks_sb: bit already cleared for block [block number]\n\nand mounted itself as read-only. With this update, the memory barrier\nis now placed before the buffer head lock bit, forcing the write order\nand preventing the double free. (BZ#476533)\n\n* when the iptables module was unloaded, it was assumed the correct\nentry for removal had been found if 'wrapper->ops->pf' matched the\nvalue passed in by 'reg->pf'. If several ops ranges were registered\nagainst the same protocol family, however, (which was likely if you\nhad both ip_conntrack and ip_contrack_* loaded) this assumption could\nlead to NULL list pointers and cause a kernel panic. With this update,\n'wrapper->ops' is matched to pointer values 'reg', which ensures the\ncorrect entry is removed and results in no NULL list pointers.\n(BZ#477147)\n\n* when the pidmap page (used for tracking process ids, pids)\nincremented to an even page (ie the second, fourth, sixth, etc. pidmap\npage), the alloc_pidmap() routine skipped the page. This resulted in\n'holes' in the allocated pids. For example, after pid 32767, you would\nexpect 32768 to be allocated. If the page skipping behavior presented,\nhowever, the pid allocated after 32767 was 65536. With this update,\nalloc_pidmap() no longer skips alternate pidmap pages and allocated\npid holes no longer occur. This fix also corrects an error which\nallowed pid_max to be set higher than the pid_max limit has been\ncorrected. (BZ#479182)\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0331\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2008-5700\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:0331\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0331\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.17.EL\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.17.EL\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:06", "description": "From Red Hat Security Advisory 2009:0331 :\n\nUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update addresses the following security issues :\n\n* a buffer overflow was found in the Linux kernel Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a denial of service if a Forward-TSN chunk is received with a large stream ID. (CVE-2009-0065, Important)\n\n* a memory leak was found in keyctl handling. A local, unprivileged user could use this flaw to deplete kernel memory, eventually leading to a denial of service. (CVE-2009-0031, Important)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for Dell systems. This could allow a local, unprivileged user to cause a denial of service by reading zero bytes from the image_type or packet_size file in '/sys/devices/platform/dell_rbu/'. (CVE-2009-0322, Important)\n\n* a deficiency was found in the libATA implementation. This could, potentially, lead to a denial of service. Note: by default, '/dev/sg*' devices are accessible only to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n* when the hypervisor changed a page table entry (pte) mapping from read-only to writable via a make_writable hypercall, accessing the changed page immediately following the change caused a spurious page fault. When trying to install a para-virtualized Red Hat Enterprise Linux 4 guest on a Red Hat Enterprise Linux 5.3 dom0 host, this fault crashed the installer with a kernel backtrace. With this update, the 'spurious' page fault is handled properly. (BZ#483748)\n\n* net_rx_action could detect its cpu poll_list as non-empty, but have that same list reduced to empty by the poll_napi path. This resulted in garbage data being returned when net_rx_action calls list_entry, which subsequently resulted in several possible crash conditions. The race condition in the network code which caused this has been fixed.\n(BZ#475970, BZ#479681 & BZ#480741)\n\n* a misplaced memory barrier at unlock_buffer() could lead to a concurrent h_refcounter update which produced a reference counter leak and, later, a double free in ext3_xattr_release_block(). Consequent to the double free, ext3 reported an error\n\next3_free_blocks_sb: bit already cleared for block [block number]\n\nand mounted itself as read-only. With this update, the memory barrier is now placed before the buffer head lock bit, forcing the write order and preventing the double free. (BZ#476533)\n\n* when the iptables module was unloaded, it was assumed the correct entry for removal had been found if 'wrapper->ops->pf' matched the value passed in by 'reg->pf'. If several ops ranges were registered against the same protocol family, however, (which was likely if you had both ip_conntrack and ip_contrack_* loaded) this assumption could lead to NULL list pointers and cause a kernel panic. With this update, 'wrapper->ops' is matched to pointer values 'reg', which ensures the correct entry is removed and results in no NULL list pointers.\n(BZ#477147)\n\n* when the pidmap page (used for tracking process ids, pids) incremented to an even page (ie the second, fourth, sixth, etc. pidmap page), the alloc_pidmap() routine skipped the page. This resulted in 'holes' in the allocated pids. For example, after pid 32767, you would expect 32768 to be allocated. If the page skipping behavior presented, however, the pid allocated after 32767 was 65536. With this update, alloc_pidmap() no longer skips alternate pidmap pages and allocated pid holes no longer occur. This fix also corrects an error which allowed pid_max to be set higher than the pid_max limit has been corrected. (BZ#479182)\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated packages, which contain backported patches to resolve these issues.\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2009-0331)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5700", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0322"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-hugemem", "p-cpe:/a:oracle:linux:kernel-hugemem-devel", "p-cpe:/a:oracle:linux:kernel-largesmp", "p-cpe:/a:oracle:linux:kernel-largesmp-devel", "p-cpe:/a:oracle:linux:kernel-smp", "p-cpe:/a:oracle:linux:kernel-smp-devel", "p-cpe:/a:oracle:linux:kernel-xenU", "p-cpe:/a:oracle:linux:kernel-xenU-devel", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0331.NASL", "href": "https://www.tenable.com/plugins/nessus/67814", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0331 and \n# Oracle Linux Security Advisory ELSA-2009-0331 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67814);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2008-5700\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\");\n script_bugtraq_id(33113);\n script_xref(name:\"RHSA\", value:\"2009:0331\");\n\n script_name(english:\"Oracle Linux 4 : kernel (ELSA-2009-0331)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0331 :\n\nUpdated kernel packages that resolve several security issues and fix\nvarious bugs are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update addresses the following security issues :\n\n* a buffer overflow was found in the Linux kernel Partial Reliable\nStream Control Transmission Protocol (PR-SCTP) implementation. This\ncould, potentially, lead to a denial of service if a Forward-TSN chunk\nis received with a large stream ID. (CVE-2009-0065, Important)\n\n* a memory leak was found in keyctl handling. A local, unprivileged\nuser could use this flaw to deplete kernel memory, eventually leading\nto a denial of service. (CVE-2009-0031, Important)\n\n* a deficiency was found in the Remote BIOS Update (RBU) driver for\nDell systems. This could allow a local, unprivileged user to cause a\ndenial of service by reading zero bytes from the image_type or\npacket_size file in '/sys/devices/platform/dell_rbu/'. (CVE-2009-0322,\nImportant)\n\n* a deficiency was found in the libATA implementation. This could,\npotentially, lead to a denial of service. Note: by default, '/dev/sg*'\ndevices are accessible only to the root user. (CVE-2008-5700, Low)\n\nThis update also fixes the following bugs :\n\n* when the hypervisor changed a page table entry (pte) mapping from\nread-only to writable via a make_writable hypercall, accessing the\nchanged page immediately following the change caused a spurious page\nfault. When trying to install a para-virtualized Red Hat Enterprise\nLinux 4 guest on a Red Hat Enterprise Linux 5.3 dom0 host, this fault\ncrashed the installer with a kernel backtrace. With this update, the\n'spurious' page fault is handled properly. (BZ#483748)\n\n* net_rx_action could detect its cpu poll_list as non-empty, but have\nthat same list reduced to empty by the poll_napi path. This resulted\nin garbage data being returned when net_rx_action calls list_entry,\nwhich subsequently resulted in several possible crash conditions. The\nrace condition in the network code which caused this has been fixed.\n(BZ#475970, BZ#479681 & BZ#480741)\n\n* a misplaced memory barrier at unlock_buffer() could lead to a\nconcurrent h_refcounter update which produced a reference counter leak\nand, later, a double free in ext3_xattr_release_block(). Consequent to\nthe double free, ext3 reported an error\n\next3_free_blocks_sb: bit already cleared for block [block number]\n\nand mounted itself as read-only. With this update, the memory barrier\nis now placed before the buffer head lock bit, forcing the write order\nand preventing the double free. (BZ#476533)\n\n* when the iptables module was unloaded, it was assumed the correct\nentry for removal had been found if 'wrapper->ops->pf' matched the\nvalue passed in by 'reg->pf'. If several ops ranges were registered\nagainst the same protocol family, however, (which was likely if you\nhad both ip_conntrack and ip_contrack_* loaded) this assumption could\nlead to NULL list pointers and cause a kernel panic. With this update,\n'wrapper->ops' is matched to pointer values 'reg', which ensures the\ncorrect entry is removed and results in no NULL list pointers.\n(BZ#477147)\n\n* when the pidmap page (used for tracking process ids, pids)\nincremented to an even page (ie the second, fourth, sixth, etc. pidmap\npage), the alloc_pidmap() routine skipped the page. This resulted in\n'holes' in the allocated pids. For example, after pid 32767, you would\nexpect 32768 to be allocated. If the page skipping behavior presented,\nhowever, the pid allocated after 32767 was 65536. With this update,\nalloc_pidmap() no longer skips alternate pidmap pages and allocated\npid holes no longer occur. This fix also corrects an error which\nallowed pid_max to be set higher than the pid_max limit has been\ncorrected. (BZ#479182)\n\nAll Red Hat Enterprise Linux 4 users should upgrade to these updated\npackages, which contain backported patches to resolve these issues.\nThe system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000912.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2008-5700\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0322\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2009-0331\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-devel-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-doc-2.6.9\") && rpm_check(release:\"EL4\", reference:\"kernel-doc-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-hugemem-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-hugemem-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"ia64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-largesmp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-smp-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-smp-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"kernel-xenU-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\nif (rpm_exists(release:\"EL4\", rpm:\"kernel-xenU-devel-2.6.9\") && rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.17.0.1.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:58:42", "description": "Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :\n\nThe skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an inverted logic issue. (CVE-2009-0675)\n\nThe sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)\n\nAdditionaly, this update provides stable 1.0.18 ALSA updates/fixes, STAC92HD71Bx/STAC92HD75Bx hda-intel support changes/fixes (affects sound chip codecs used on several HP dv laptop series), fixes/enhancements for HP Educ.ar machine HDA sound support, minor alsa hda-intel code cleanup for ALC888 6stack-dell model, to stop printing uneeded output to kernel log, and a few more things. Check the package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2009:071)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0675", "CVE-2009-0676"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:et131x-kernel-server-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:hso-kernel-server-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest", "p-cpe:/a:mandriva:linux:kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kernel-doc", "p-cpe:/a:mandriva:linux:kernel-server-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-server-devel-latest", "p-cpe:/a:mandriva:linux:kernel-server-latest", "p-cpe:/a:mandriva:linux:kernel-source-2.6.27.19-1mnb", "p-cpe:/a:mandriva:linux:kernel-source-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lirc-kernel-server-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vhba-kernel-server-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.19-desktop-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.19-desktop586-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.19-server-1mnb", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest", "p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest", "cpe:/o:mandriva:linux:2009.0"], "id": "MANDRIVA_MDVSA-2009-071.NASL", "href": "https://www.tenable.com/plugins/nessus/37409", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:071. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37409);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0675\", \"CVE-2009-0676\");\n script_bugtraq_id(33846);\n script_xref(name:\"MDVSA\", value:\"2009:071\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2009:071)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Some vulnerabilities were discovered and corrected in the Linux 2.6\nkernel :\n\nThe skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux\nkernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the\nCAP_NET_ADMIN capability is absent, instead of when this capability is\npresent, which allows local users to reset the driver statistics,\nrelated to an inverted logic issue. (CVE-2009-0675)\n\nThe sock_getsockopt function in net/core/sock.c in the Linux kernel\nbefore 2.6.28.6 does not initialize a certain structure member, which\nallows local users to obtain potentially sensitive information from\nkernel memory via an SO_BSDCOMPAT getsockopt request. (CVE-2009-0676)\n\nAdditionaly, this update provides stable 1.0.18 ALSA updates/fixes,\nSTAC92HD71Bx/STAC92HD75Bx hda-intel support changes/fixes (affects\nsound chip codecs used on several HP dv laptop series),\nfixes/enhancements for HP Educ.ar machine HDA sound support, minor\nalsa hda-intel code cleanup for ALC888 6stack-dell model, to stop\nprinting uneeded output to kernel log, and a few more things. Check\nthe package changelog for details.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandriva.com/en/security/kernelupdate\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:hso-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.19-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.19-desktop-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.19-desktop586-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.19-server-1mnb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.19-desktop-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-2.6.27.19-desktop586-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-2.6.27.19-server-1mnb-0.5.1-2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20090305.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20090305.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"alsa_raoppcm-kernel-server-latest-0.5.1-1.20090305.2mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.19-desktop-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-2.6.27.19-desktop586-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-2.6.27.19-server-1mnb-2.3.0-2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-desktop-latest-2.3.0-1.20090305.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"drm-experimental-kernel-desktop586-latest-2.3.0-1.20090305.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"drm-experimental-kernel-server-latest-2.3.0-1.20090305.2.20080912.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.19-desktop-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-2.6.27.19-desktop586-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-2.6.27.19-server-1mnb-1.2.3-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-desktop-latest-1.2.3-1.20090305.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"et131x-kernel-desktop586-latest-1.2.3-1.20090305.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"et131x-kernel-server-latest-1.2.3-1.20090305.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.19-desktop-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.19-desktop586-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-2.6.27.19-server-1mnb-3.11.07-7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop-latest-3.11.07-1.20090305.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-desktop586-latest-3.11.07-1.20090305.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fcpci-kernel-server-latest-3.11.07-1.20090305.7mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.19-desktop-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-2.6.27.19-desktop586-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-2.6.27.19-server-1mnb-8.522-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-desktop-latest-8.522-1.20090305.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"fglrx-kernel-desktop586-latest-8.522-1.20090305.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"fglrx-kernel-server-latest-8.522-1.20090305.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.19-desktop-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-2.6.27.19-desktop586-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-2.6.27.19-server-1mnb-2.03.07-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-desktop-latest-2.03.07-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"gnbd-kernel-desktop586-latest-2.03.07-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"gnbd-kernel-server-latest-2.03.07-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.19-desktop-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.19-desktop586-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-2.6.27.19-server-1mnb-1.17-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop-latest-1.17-1.20090305.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-desktop586-latest-1.17-1.20090305.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hcfpcimodem-kernel-server-latest-1.17-1.20090305.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.19-desktop-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-2.6.27.19-desktop586-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-2.6.27.19-server-1mnb-7.68.00.13-1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20090305.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20090305.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hsfmodem-kernel-server-latest-7.68.00.13-1.20090305.1.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.19-desktop-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-2.6.27.19-desktop586-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-2.6.27.19-server-1mnb-1.2-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-desktop-latest-1.2-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"hso-kernel-desktop586-latest-1.2-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"hso-kernel-server-latest-1.2-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.19-desktop-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-2.6.27.19-desktop586-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-2.6.27.19-server-1mnb-0.4.16-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-desktop-latest-0.4.16-1.20090305.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"iscsitarget-kernel-desktop586-latest-0.4.16-1.20090305.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"iscsitarget-kernel-server-latest-0.4.16-1.20090305.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-devel-latest-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-desktop-latest-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-devel-latest-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kernel-desktop586-latest-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-doc-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-devel-latest-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-server-latest-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-2.6.27.19-1mnb-1-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kernel-source-latest-2.6.27.19-1mnb2\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.19-desktop-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-2.6.27.19-desktop586-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-2.6.27.19-server-1mnb-1.4.0pre1-0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-desktop-latest-1.4.0pre1-1.20090305.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20090305.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"kqemu-kernel-server-latest-1.4.0pre1-1.20090305.0\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.19-desktop-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-2.6.27.19-desktop586-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-2.6.27.19-server-1mnb-0.8.3-4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-desktop-latest-0.8.3-1.20090305.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lirc-kernel-desktop586-latest-0.8.3-1.20090305.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lirc-kernel-server-latest-0.8.3-1.20090305.4.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.19-desktop-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-2.6.27.19-desktop586-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-2.6.27.19-server-1mnb-4.43-24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-desktop-latest-4.43-1.20090305.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"lzma-kernel-desktop586-latest-4.43-1.20090305.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"lzma-kernel-server-latest-4.43-1.20090305.24mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.19-desktop-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-2.6.27.19-desktop586-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-2.6.27.19-server-1mnb-0.9.4-3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-desktop-latest-0.9.4-1.20090305.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"madwifi-kernel-desktop586-latest-0.9.4-1.20090305.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"madwifi-kernel-server-latest-0.9.4-1.20090305.3.r3835mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.19-desktop-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-2.6.27.19-desktop586-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-2.6.27.19-server-1mnb-177.70-2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-desktop-latest-177.70-1.20090305.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia-current-kernel-desktop586-latest-177.70-1.20090305.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia-current-kernel-server-latest-177.70-1.20090305.2.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-2.6.27.19-desktop-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-2.6.27.19-desktop586-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-2.6.27.19-server-1mnb-173.14.12-4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia173-kernel-desktop-latest-173.14.12-1.20090305.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia173-kernel-desktop586-latest-173.14.12-1.20090305.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"nvidia173-kernel-server-latest-173.14.12-1.20090305.4mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.19-desktop-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-2.6.27.19-desktop586-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-2.6.27.19-server-1mnb-71.86.06-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-desktop-latest-71.86.06-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia71xx-kernel-server-latest-71.86.06-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.19-desktop-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-2.6.27.19-desktop586-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-2.6.27.19-server-1mnb-96.43.07-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-desktop-latest-96.43.07-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"nvidia96xx-kernel-server-latest-96.43.07-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.19-desktop-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-2.6.27.19-desktop586-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-2.6.27.19-server-1mnb-0.8.0-1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-desktop-latest-0.8.0-1.20090305.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omfs-kernel-desktop586-latest-0.8.0-1.20090305.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omfs-kernel-server-latest-0.8.0-1.20090305.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.19-desktop-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-2.6.27.19-desktop586-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-2.6.27.19-server-1mnb-20080513-0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-desktop-latest-20080513-1.20090305.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"omnibook-kernel-desktop586-latest-20080513-1.20090305.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"omnibook-kernel-server-latest-20080513-1.20090305.0.274.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.19-desktop-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-2.6.27.19-desktop586-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-2.6.27.19-server-1mnb-0.4.2a-1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-desktop-latest-0.4.2a-1.20090305.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"opencbm-kernel-desktop586-latest-0.4.2a-1.20090305.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"opencbm-kernel-server-latest-0.4.2a-1.20090305.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.19-desktop-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-2.6.27.19-desktop586-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-2.6.27.19-server-1mnb-1.5.9-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-desktop-latest-1.5.9-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"ov51x-jpeg-kernel-desktop586-latest-1.5.9-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"ov51x-jpeg-kernel-server-latest-1.5.9-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.19-desktop-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-2.6.27.19-desktop586-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-2.6.27.19-server-1mnb-0.6.6-6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-desktop-latest-0.6.6-1.20090305.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"qc-usb-kernel-desktop586-latest-0.6.6-1.20090305.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"qc-usb-kernel-server-latest-0.6.6-1.20090305.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.19-desktop-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-2.6.27.19-desktop586-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-2.6.27.19-server-1mnb-1.7.0.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-desktop-latest-1.7.0.0-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2860-kernel-desktop586-latest-1.7.0.0-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2860-kernel-server-latest-1.7.0.0-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.19-desktop-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-2.6.27.19-desktop586-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-2.6.27.19-server-1mnb-1.3.1.0-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-desktop-latest-1.3.1.0-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rt2870-kernel-desktop586-latest-1.3.1.0-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rt2870-kernel-server-latest-1.3.1.0-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.19-desktop-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-2.6.27.19-desktop586-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-2.6.27.19-server-1mnb-1016.20080716-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-desktop-latest-1016.20080716-1.20090305.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20090305.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"rtl8187se-kernel-server-latest-1016.20080716-1.20090305.1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.19-desktop-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.19-desktop586-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-2.6.27.19-server-1mnb-2.9.11-0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop-latest-2.9.11-1.20090305.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-desktop586-latest-2.9.11-1.20090305.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"slmodem-kernel-server-latest-2.9.11-1.20090305.0.20080817.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.19-desktop-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-2.6.27.19-desktop586-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-2.6.27.19-server-1mnb-3.3-5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-desktop-latest-3.3-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"squashfs-lzma-kernel-desktop586-latest-3.3-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"squashfs-lzma-kernel-server-latest-3.3-1.20090305.5mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.19-desktop-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-2.6.27.19-desktop586-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-2.6.27.19-server-1mnb-0.37-2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-desktop-latest-0.37-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"tp_smapi-kernel-desktop586-latest-0.37-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tp_smapi-kernel-server-latest-0.37-1.20090305.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.19-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-2.6.27.19-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-2.6.27.19-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-desktop-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxadd-kernel-desktop586-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxadd-kernel-server-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.19-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-2.6.27.19-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-2.6.27.19-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-desktop-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vboxvfs-kernel-desktop586-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vboxvfs-kernel-server-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.19-desktop-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-2.6.27.19-desktop586-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-2.6.27.19-server-1mnb-1.0.0-1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-desktop-latest-1.0.0-1.20090305.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vhba-kernel-desktop586-latest-1.0.0-1.20090305.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vhba-kernel-server-latest-1.0.0-1.20090305.1.svn304.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.19-desktop-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-2.6.27.19-desktop586-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-2.6.27.19-server-1mnb-2.0.2-2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-desktop-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"virtualbox-kernel-desktop586-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"virtualbox-kernel-server-latest-2.0.2-1.20090305.2.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.19-desktop-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-2.6.27.19-desktop586-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-2.6.27.19-server-1mnb-4.8.01.0640-3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20090305.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20090305.3mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"vpnclient-kernel-server-latest-4.8.01.0640-1.20090305.3mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T15:01:16", "description": "Updated kernel packages are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 4. This is the eighth regular update.\n\nThese updated packages fix two security issues, hundreds of bugs, and add numerous enhancements. Space precludes a detailed description of each of these in this advisory. Refer to the Red Hat Enterprise Linux 4.8 Release Notes for information on 22 of the most significant of these changes. For more detailed information on specific bug fixes or enhancements, refer to the Bugzilla numbers associated with this advisory.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fixes :\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. (CVE-2009-1336, Moderate)\n\nBug Fixes and Enhancements :\n\nKernel Feature Support :\n\n* added a new allowable value to '/proc/sys/kernel/wake_balance' to allow the scheduler to run the thread on any available CPU rather than scheduling it on the optimal CPU. * added 'max_writeback_pages' tunable parameter to /proc/sys/vm/ to allow the maximum number of modified pages kupdate writes to disk, per iteration per run. * added 'swap_token_timeout' tunable parameter to /proc/sys/vm/ to provide a valid hold time for the swap out protection token. * added diskdump support to sata_svw driver. * limited physical memory to 64GB for 32-bit kernels running on systems with more than 64GB of physical memory to prevent boot failures. * improved reliability of autofs. * added support for 'rdattr_error' in NFSv4 readdir requests. * fixed various short packet handling issues for NFSv4 readdir and sunrpc. * fixed several CIFS bugs.\n\nNetworking and IPv6 Enablement :\n\n* added router solicitation support. * enforced sg requires tx csum in ethtool.\n\nPlatform Support :\n\nx86, AMD64, Intel 64, IBM System z\n\n* added support for a new Intel chipset. * added initialization vendor info in boot_cpu_data. * added support for N_Port ID Virtualization (NPIV) for IBM System z guests using zFCP. * added HDMI support for some AMD and ATI chipsets. * updated HDA driver in ALSA to latest upstream as of 2008-07-22. * added support for affected_cpus for cpufreq. * removed polling timer from i8042. * fixed PM-Timer when using the ASUS A8V Deluxe motherboard. * backported usbfs_mutex in usbfs.\n\n64-bit PowerPC :\n\n* updated eHEA driver from version 0078-04 to 0078-08. * updated logging of checksum errors in the eHEA driver.\n\nNetwork Driver Updates :\n\n* updated forcedeth driver to latest upstream version 0.61. * fixed various e1000 issues when using Intel ESB2 hardware. * updated e1000e driver to upstream version 0.3.3.3-k6. * updated igb to upstream version 1.2.45-k2. * updated tg3 to upstream version 3.96. * updated ixgbe to upstream version 1.3.18-k4. * updated bnx2 to upstream version 1.7.9. * updated bnx2x to upstream version 1.45.23. * fixed bugs and added enhancements for the NetXen NX2031 and NX3031 products.\n* updated Realtek r8169 driver to support newer network chipsets. All variants of RTL810x/RTL8168(9) are now supported.\n\nStorage Driver Updates :\n\n* fixed various SCSI issues. Also, the SCSI sd driver now calls the revalidate_disk wrapper. * fixed a dmraid reduced I/O delay bug in certain configurations. * removed quirk aac_quirk_scsi_32 for some aacraid controllers. * updated FCP driver on IBM System z systems with support for point-to-point connections. * updated lpfc to version 8.0.16.46. * updated megaraid_sas to version 4.01-RH1. * updated MPT Fusion driver to version 3.12.29.00rh. * updated qla2xxx firmware to 4.06.01 for 4GB/s and 8GB/s adapters. * updated qla2xxx driver to version 8.02.09.00.04.08-d. * fixed sata_nv in libsata to disable ADMA mode by default.\n\nMiscellaneous Updates :\n\n* upgraded OpenFabrics Alliance Enterprise Distribution (OFED) to version 1.4. * added driver support and fixes for various Wacom tablets.\n\nUsers should install this update, which resolves these issues and adds these enhancements.", "cvss3": {}, "published": "2009-05-19T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1024)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2009-1024.NASL", "href": "https://www.tenable.com/plugins/nessus/38818", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1024. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38818);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1336\", \"CVE-2009-1337\");\n script_bugtraq_id(34405);\n script_xref(name:\"RHSA\", value:\"2009:1024\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1024)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages are now available as part of the ongoing\nsupport and maintenance of Red Hat Enterprise Linux version 4. This is\nthe eighth regular update.\n\nThese updated packages fix two security issues, hundreds of bugs, and\nadd numerous enhancements. Space precludes a detailed description of\neach of these in this advisory. Refer to the Red Hat Enterprise Linux\n4.8 Release Notes for information on 22 of the most significant of\nthese changes. For more detailed information on specific bug fixes or\nenhancements, refer to the Bugzilla numbers associated with this\nadvisory.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fixes :\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS) did\nnot properly initialize the file name limit in the nfs_server data\nstructure. This flaw could possibly lead to a denial of service on a\nclient mounting an NFS share. (CVE-2009-1336, Moderate)\n\nBug Fixes and Enhancements :\n\nKernel Feature Support :\n\n* added a new allowable value to '/proc/sys/kernel/wake_balance' to\nallow the scheduler to run the thread on any available CPU rather than\nscheduling it on the optimal CPU. * added 'max_writeback_pages'\ntunable parameter to /proc/sys/vm/ to allow the maximum number of\nmodified pages kupdate writes to disk, per iteration per run. * added\n'swap_token_timeout' tunable parameter to /proc/sys/vm/ to provide a\nvalid hold time for the swap out protection token. * added diskdump\nsupport to sata_svw driver. * limited physical memory to 64GB for\n32-bit kernels running on systems with more than 64GB of physical\nmemory to prevent boot failures. * improved reliability of autofs. *\nadded support for 'rdattr_error' in NFSv4 readdir requests. * fixed\nvarious short packet handling issues for NFSv4 readdir and sunrpc. *\nfixed several CIFS bugs.\n\nNetworking and IPv6 Enablement :\n\n* added router solicitation support. * enforced sg requires tx csum in\nethtool.\n\nPlatform Support :\n\nx86, AMD64, Intel 64, IBM System z\n\n* added support for a new Intel chipset. * added initialization vendor\ninfo in boot_cpu_data. * added support for N_Port ID Virtualization\n(NPIV) for IBM System z guests using zFCP. * added HDMI support for\nsome AMD and ATI chipsets. * updated HDA driver in ALSA to latest\nupstream as of 2008-07-22. * added support for affected_cpus for\ncpufreq. * removed polling timer from i8042. * fixed PM-Timer when\nusing the ASUS A8V Deluxe motherboard. * backported usbfs_mutex in\nusbfs.\n\n64-bit PowerPC :\n\n* updated eHEA driver from version 0078-04 to 0078-08. * updated\nlogging of checksum errors in the eHEA driver.\n\nNetwork Driver Updates :\n\n* updated forcedeth driver to latest upstream version 0.61. * fixed\nvarious e1000 issues when using Intel ESB2 hardware. * updated e1000e\ndriver to upstream version 0.3.3.3-k6. * updated igb to upstream\nversion 1.2.45-k2. * updated tg3 to upstream version 3.96. * updated\nixgbe to upstream version 1.3.18-k4. * updated bnx2 to upstream\nversion 1.7.9. * updated bnx2x to upstream version 1.45.23. * fixed\nbugs and added enhancements for the NetXen NX2031 and NX3031 products.\n* updated Realtek r8169 driver to support newer network chipsets. All\nvariants of RTL810x/RTL8168(9) are now supported.\n\nStorage Driver Updates :\n\n* fixed various SCSI issues. Also, the SCSI sd driver now calls the\nrevalidate_disk wrapper. * fixed a dmraid reduced I/O delay bug in\ncertain configurations. * removed quirk aac_quirk_scsi_32 for some\naacraid controllers. * updated FCP driver on IBM System z systems with\nsupport for point-to-point connections. * updated lpfc to version\n8.0.16.46. * updated megaraid_sas to version 4.01-RH1. * updated MPT\nFusion driver to version 3.12.29.00rh. * updated qla2xxx firmware to\n4.06.01 for 4GB/s and 8GB/s adapters. * updated qla2xxx driver to\nversion 8.02.09.00.04.08-d. * fixed sata_nv in libsata to disable ADMA\nmode by default.\n\nMiscellaneous Updates :\n\n* upgraded OpenFabrics Alliance Enterprise Distribution (OFED) to\nversion 1.4. * added driver support and fixes for various Wacom\ntablets.\n\nUsers should install this update, which resolves these issues and adds\nthese enhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1337\"\n );\n # http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/4.8/html/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/documentation/en-us/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1024\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-1336\", \"CVE-2009-1337\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2009:1024\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1024\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", reference:\"kernel-doc-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-89.EL\")) flag++;\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-89.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-devel / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:39:18", "description": "Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update includes backported fixes for two approved security issues. These issues only affected users of Red Hat Enterprise Linux 4.7 Extended Update Support, as they have already been addressed for users of Red Hat Enterprise Linux 4 in the 4.8 update, RHSA-2009:1024.\n\n* the exit_notify() function in the Linux kernel did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS) version 4 did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFSv4 share. (CVE-2009-1336, Moderate)\n\nThis update fixes the following bugs :\n\n* on IBM System z systems, if the cio driver was used for DASD devices, and the last path to a DASD device was varied off, it was still possible to attempt read and write operations to that device, resulting in errors. In this update, path verification is used in this situation, which resolves this issue. Also, a bug may have caused errors when subchannels were unregistered. (BZ#437486)\n\n* a bug prevented the Broadcom NetXtreme II 57710 network device from working correctly on some Dell PowerEdge R805 systems. This device was correctly shown in 'lspci' output, but 'ifup' failed and an IP address was not assigned. In this update, the device works correctly on Dell PowerEdge R805 systems. (BZ#491752)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. For this update to take effect, the system must be rebooted.", "cvss3": {}, "published": "2013-01-24T00:00:00", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2009:1077)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1336", "CVE-2009-1337"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem", "p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp", "p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-smp", "p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU", "p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-1077.NASL", "href": "https://www.tenable.com/plugins/nessus/63880", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1077. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63880);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1336\", \"CVE-2009-1337\");\n script_xref(name:\"RHSA\", value:\"2009:1077\");\n\n script_name(english:\"RHEL 4 : kernel (RHSA-2009:1077)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise Linux 4.7 Extended Update\nSupport.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update includes backported fixes for two approved security\nissues. These issues only affected users of Red Hat Enterprise Linux\n4.7 Extended Update Support, as they have already been addressed for\nusers of Red Hat Enterprise Linux 4 in the 4.8 update, RHSA-2009:1024.\n\n* the exit_notify() function in the Linux kernel did not properly\nreset the exit signal if a process executed a set user ID (setuid)\napplication before exiting. This could allow a local, unprivileged\nuser to elevate their privileges. (CVE-2009-1337, Important)\n\n* the Linux kernel implementation of the Network File System (NFS)\nversion 4 did not properly initialize the file name limit in the\nnfs_server data structure. This flaw could possibly lead to a denial\nof service on a client mounting an NFSv4 share. (CVE-2009-1336,\nModerate)\n\nThis update fixes the following bugs :\n\n* on IBM System z systems, if the cio driver was used for DASD\ndevices, and the last path to a DASD device was varied off, it was\nstill possible to attempt read and write operations to that device,\nresulting in errors. In this update, path verification is used in this\nsituation, which resolves this issue. Also, a bug may have caused\nerrors when subchannels were unregistered. (BZ#437486)\n\n* a bug prevented the Broadcom NetXtreme II 57710 network device from\nworking correctly on some Dell PowerEdge R805 systems. This device was\ncorrectly shown in 'lspci' output, but 'ifup' failed and an IP address\nwas not assigned. In this update, the device works correctly on Dell\nPowerEdge R805 systems. (BZ#491752)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. For this update to take\neffect, the system must be rebooted.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-1336.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2009-1337.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2009-1077.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_cwe_id(20, 264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", reference:\"kernel-doc-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-hugemem-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-hugemem-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-largesmp-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-largesmp-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-smp-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-smp-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-smp-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-smp-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-xenU-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-xenU-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"i686\", reference:\"kernel-xenU-devel-2.6.9-78.0.24.EL\")) flag++;\nif (rpm_check(release:\"RHEL4\", sp:\"7\", cpu:\"x86_64\", reference:\"kernel-xenU-devel-2.6.9-78.0.24.EL\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:50:18", "description": "Update to kernel 2.6.27.12:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 Includes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Also fixes bug 478299, reported against Fedora 10: AVC denials on kernel 2.6.27.9-159.fc10.x86_64 Reverts ALSA driver to the version that is upstream in kernel 2.6.27. This should fix lack of audio on headphone outputs for some notebooks.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-01-27T00:00:00", "type": "nessus", "title": "Fedora 9 : kernel-2.6.27.12-78.2.8.fc9 (2009-0816)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0029", "CVE-2009-0065"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:9"], "id": "FEDORA_2009-0816.NASL", "href": "https://www.tenable.com/plugins/nessus/35464", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-0816.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35464);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0029\", \"CVE-2009-0065\");\n script_bugtraq_id(33113);\n script_xref(name:\"FEDORA\", value:\"2009-0816\");\n\n script_name(english:\"Fedora 9 : kernel-2.6.27.12-78.2.8.fc9 (2009-0816)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.27.12:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12\nIncludes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit\nsystem call argument passing CVE-2009-0065 kernel: sctp: memory\noverflow when FWD-TSN chunk is received with bad stream ID Also fixes\nbug 478299, reported against Fedora 10: AVC denials on kernel\n2.6.27.9-159.fc10.x86_64 Reverts ALSA driver to the version that is\nupstream in kernel 2.6.27. This should fix lack of audio on headphone\noutputs for some notebooks.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9af5a301\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbb536f1\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ddbb60cd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=480861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=480864\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-January/019486.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?07d70a9e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"kernel-2.6.27.12-78.2.8.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:57:49", "description": "Update to kernel 2.6.27.12:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12 Includes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit system call argument passing CVE-2009-0065 kernel: sctp: memory overflow when FWD-TSN chunk is received with bad stream ID Reverts ALSA driver to the version that is upstream in kernel 2.6.27. This should be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update kernel is being tested.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Fedora 10 : kernel-2.6.27.12-170.2.5.fc10 (2009-0923)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0029", "CVE-2009-0065"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-0923.NASL", "href": "https://www.tenable.com/plugins/nessus/38129", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-0923.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38129);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0029\", \"CVE-2009-0065\");\n script_xref(name:\"FEDORA\", value:\"2009-0923\");\n\n script_name(english:\"Fedora 10 : kernel-2.6.27.12-170.2.5.fc10 (2009-0923)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.27.12:\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11\nhttp://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12\nIncludes security fixes: CVE-2009-0029 Linux Kernel insecure 64 bit\nsystem call argument passing CVE-2009-0065 kernel: sctp: memory\noverflow when FWD-TSN chunk is received with bad stream ID Reverts\nALSA driver to the version that is upstream in kernel 2.6.27. This\nshould be the last 2.6.27 kernel update for Fedora 10. A 2.6.28 update\nkernel is being tested.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.10\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9af5a301\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.11\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbb536f1\"\n );\n # http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.12\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ddbb60cd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=477954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=478299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=480862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=480866\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-January/019442.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6a393669\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(20, 119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"kernel-2.6.27.12-170.2.5.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:50:37", "description": "From Red Hat Security Advisory