Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2009 E-Soft Inc. http://www.securityspace.comOPENVAS:66213
HistoryNov 11, 2009 - 12:00 a.m.

SuSE Security Advisory SUSE-SA:2009:051 (kernel)

2009-11-1100:00:00
Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
plugins.openvas.org
24

0.0004 Low

EPSS

Percentile

8.5%

JSON

The remote host is missing updates announced in
advisory SUSE-SA:2009:051.

# OpenVAS Vulnerability Test
# $Id: suse_sa_2009_051.nasl 6668 2017-07-11 13:34:29Z cfischer $
# Description: Auto-generated from advisory SUSE-SA:2009:051 (kernel)
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "The SUSE Linux Enterprise 11 and openSUSE 11.1 kernel was updated to
2.6.27.37 fixing various bugs and security issues.

Following security issues were fixed:
CVE-2009-2909: Unsigned check in the ax25 socket handler could allow
local attackers to potentially crash the kernel or even execute code.

CVE-2009-3002: Fixed various socket handler getname leaks, which
could disclose memory previously used by the kernel or other userland
processes to the local attacker.

CVE-2009-2910: An information leakage with upper 32bit register values
on x86_64 systems was fixed.

Various KVM stability and security fixes have also been added.";
tag_solution = "Update your system with the packages as indicated in
the referenced security advisory.

https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:051";
tag_summary = "The remote host is missing updates announced in
advisory SUSE-SA:2009:051.";

                                                                                

if(description)
{
 script_id(66213);
 script_version("$Revision: 6668 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $");
 script_tag(name:"creation_date", value:"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)");
 script_cve_id("CVE-2009-2909", "CVE-2009-2910", "CVE-2009-3002");
 script_tag(name:"cvss_base", value:"4.9");
 script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
 script_name("SuSE Security Advisory SUSE-SA:2009:051 (kernel)");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
 script_family("SuSE Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/suse", "ssh/login/rpms");
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-rpm.inc");

res = "";
report = "";
if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-debug-debugsource", rpm:"kernel-debug-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default-debugsource", rpm:"kernel-default-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ec2-debuginfo", rpm:"kernel-ec2-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ec2-debugsource", rpm:"kernel-ec2-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae-debuginfo", rpm:"kernel-pae-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae-debugsource", rpm:"kernel-pae-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace-debuginfo", rpm:"kernel-trace-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace-debugsource", rpm:"kernel-trace-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-vanilla-debuginfo", rpm:"kernel-vanilla-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-vanilla-debugsource", rpm:"kernel-vanilla-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen-debugsource", rpm:"kernel-xen-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-debug-base", rpm:"kernel-debug-base~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-debug-extra", rpm:"kernel-debug-extra~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default-base", rpm:"kernel-default-base~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-default-extra", rpm:"kernel-default-extra~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ec2", rpm:"kernel-ec2~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ec2-base", rpm:"kernel-ec2-base~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ec2-extra", rpm:"kernel-ec2-extra~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae", rpm:"kernel-pae~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae-base", rpm:"kernel-pae-base~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-pae-extra", rpm:"kernel-pae-extra~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace", rpm:"kernel-trace~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace-base", rpm:"kernel-trace-base~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-trace-extra", rpm:"kernel-trace-extra~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-vanilla", rpm:"kernel-vanilla~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen-base", rpm:"kernel-xen-base~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-xen-extra", rpm:"kernel-xen-extra~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-docs", rpm:"kernel-docs~2.6.3~3.13.55", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-kdump-debuginfo", rpm:"kernel-kdump-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-kdump-debugsource", rpm:"kernel-kdump-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64-debuginfo", rpm:"kernel-ppc64-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64-debugsource", rpm:"kernel-ppc64-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ps3-debuginfo", rpm:"kernel-ps3-debuginfo~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ps3-debugsource", rpm:"kernel-ps3-debugsource~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64", rpm:"kernel-ppc64~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64-base", rpm:"kernel-ppc64-base~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ppc64-extra", rpm:"kernel-ppc64-extra~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}
if ((res = isrpmvuln(pkg:"kernel-ps3", rpm:"kernel-ps3~2.6.27.37~0.1.1", rls:"openSUSE11.1")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

Related

suse 6
openvas 58
nessus 40
prion 3
cve 3
ubuntucve 3
seebug 4
veracode 2
exploitpack 1
osv 3
securityvulns 2
debian 3
exploitdb 1
fedora 9
oraclelinux 8
redhat 5
centos 3
ubuntu 2
vmware 3
suse
suse
potential local privilege escalation in kernel
2009-11-02 17:52:48
local privilege escalation in kernel
2009-11-16 13:03:36
local privilege escalation in kernel
2009-11-11 17:52:30
openvas
openvas
SuSE Security Advisory SUSE-SA:2009:051 (kernel)
2009-11-11 00:00:00
SLES11: Security update for Linux kernel
2009-11-11 00:00:00
SLES11: Security update for Linux kernel
2009-11-11 00:00:00
nessus
nessus
SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1410 / 1412 / 1413)
2009-11-03 00:00:00
openSUSE Security Update : kernel (kernel-1415)
2009-11-02 00:00:00
Fedora 10 : kernel-2.6.27.37-170.2.104.fc10 (2009-10525)
2009-10-16 00:00:00
prion
prion
Memory corruption
2009-08-28 15:30:00
Design/Logic Flaw
2009-10-20 17:30:00
Integer overflow
2009-10-20 17:30:00
cve
cve
CVE-2009-2910
2009-10-20 17:30:00
CVE-2009-3002
2009-08-28 15:30:00
CVE-2009-2909
2009-10-20 17:30:00
ubuntucve
ubuntucve
CVE-2009-2910
2009-10-20 00:00:00
CVE-2009-2909
2009-10-20 00:00:00
CVE-2009-3002
2009-08-28 00:00:00
seebug
seebug
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit
2014-07-01 00:00:00
Linux Kernel .getname函数多个信息泄露漏洞
2009-09-02 00:00:00
Linux Kernel &lt; 2.6.31-rc7 AF_IRDA 29-Byte Stack Disclosure Exploit
2009-09-01 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:39:21
Denial Of Service (DoS)
2020-04-10 00:40:03
exploitpack
exploitpack
Linux Kernel 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure (2)
2009-08-31 00:00:00
osv
osv
linux-2.6 - several vulnerabilities
2009-10-22 00:00:00
linux-2.6 - several vulnerabilities
2009-11-05 00:00:00
linux-2.6.24 - several vulnerabilities
2009-11-05 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 00:00:00
Linux kernel multiple security vulnerabilities
2009-11-08 00:00:00
debian
debian
[SECURITY] [DSA 1915-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-10-23 15:58:04
[SECURITY] [DSA 1929-1] New Linux 2.6.18 packages fix several vulnerabilities
2009-11-06 00:51:43
[SECURITY] [DSA 1928-1] New Linux 2.6.24 packages fix several vulnerabilities
2009-11-05 22:03:48
exploitdb
exploitdb
Linux Kernel &lt; 2.6.31-rc7 - &#039;AF_IRDA&#039; 29-Byte Stack Disclosure (2)
2009-08-31 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-90.fc11
2009-10-27 06:48:07
[SECURITY] Fedora 10 Update: kernel-2.6.27.37-170.2.104.fc10
2009-10-15 22:37:20
[SECURITY] Fedora 11 Update: kernel-2.6.30.9-96.fc11
2009-11-06 00:03:20
oraclelinux
oraclelinux
kernel security and bug fix update
2009-09-30 00:00:00
kernel security update
2018-10-01 00:00:00
kernel security and bug fix update
2009-12-16 00:00:00
redhat
redhat
(RHSA-2009:1671) Important: kernel security and bug fix update
2009-12-15 00:00:00
(RHSA-2009:1540) Important: kernel-rt security, bug fix, and enhancement update
2009-11-03 00:00:00
(RHSA-2009:1550) Important: kernel security and bug fix update
2009-11-03 00:00:00
centos
centos
kernel security update
2009-12-18 19:00:39
kernel security update
2009-11-04 00:55:32
kernel security update
2010-01-20 18:10:39
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-12-05 00:00:00
Linux kernel vulnerabilities
2009-10-22 00:00:00
vmware
vmware
ESX 3.5 third party update for Service Console kernel
2010-06-24 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00

0.0004 Low

EPSS

Percentile

8.5%

JSON
Related for OPENVAS:66213
suse6openvas58nessus40prion3cve3ubuntucve3seebug4veracode2exploitpack1osv3securityvulns2debian3exploitdb1fedora9oraclelinux8redhat5centos3ubuntu2vmware3