Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 Greenbone Networks GmbHOPENVAS:840049
HistoryMar 23, 2009 - 12:00 a.m.

Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1

2009-03-2300:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
17

0.295 Low

EPSS

Percentile

96.4%

JSON

Ubuntu Update for Linux kernel vulnerabilities USN-464-1

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_464_1.nasl 7969 2017-12-01 09:23:16Z santu $
#
# Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Philipp Richter discovered that the AppleTalk protocol handler did
  not sufficiently verify the length of packets. By sending a crafted
  AppleTalk packet, a remote attacker could exploit this to crash the
  kernel. (CVE-2007-1357)

  Gabriel Campana discovered that the do_ipv6_setsockopt() function did
  not sufficiently verifiy option values for IPV6_RTHDR. A local
  attacker could exploit this to trigger a kernel crash. (CVE-2007-1388)
  
  A Denial of Service vulnerability was discovered in the
  nfnetlink_log() netfilter function. A remote attacker could exploit
  this to trigger a kernel crash. (CVE-2007-1496)
  
  The connection tracking module for IPv6 did not properly handle the
  status field when reassembling fragmented packets, so that the final
  packet always had the 'established' state. A remote attacker could
  exploit this to bypass intended firewall rules. (CVE-2007-1497)
  
  Masayuki Nakagawa discovered an error in the flowlabel handling of
  IPv6 network sockets. A local attacker could exploit this to crash
  the kernel. (CVE-2007-1592)
  
  The do_dccp_getsockopt() function did not sufficiently verify the
  optlen argument. A local attacker could exploit this to read kernel
  memory (which might expose sensitive data) or cause a kernel crash.
  This only affects Ubuntu 7.04. (CVE-2007-1730)
  
  The IPv4 and DECnet network protocol handlers incorrectly declared
  an array variable so that it became smaller than intended. By sending
  crafted packets over a netlink socket, a local attacker could exploit
  this to crash the kernel. (CVE-2007-2172)";

tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-464-1";
tag_affected = "linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities on Ubuntu 6.06 LTS ,
  Ubuntu 6.10 ,
  Ubuntu 7.04";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-464-1/");
  script_id(840049);
  script_version("$Revision: 7969 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $");
  script_tag(name:"creation_date", value:"2009-03-23 10:55:18 +0100 (Mon, 23 Mar 2009)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_xref(name: "USN", value: "464-1");
  script_cve_id("CVE-2007-1357", "CVE-2007-1388", "CVE-2007-1496", "CVE-2007-1497", "CVE-2007-1592", "CVE-2007-1730", "CVE-2007-2172");
  script_name( "Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-deb.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "UBUNTU7.04")
{

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-16-386_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-16-generic_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-16-lowlatency_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-16-server-bigiron_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-16-server_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-16_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-16-386_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-16-generic_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-16-lowlatency_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-16-server-bigiron_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-16-server_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-16-386_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-16-generic_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-16-lowlatency_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-16-server-bigiron_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-16-server_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-doc", ver:"2.6.20_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-source", ver:"2.6.20_2.6.20-16.28", rls:"UBUNTU7.04")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU6.06 LTS")
{

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-28-386_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-28-686_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-28-k7_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-28-server-bigiron_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-28-server_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-28_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-28-386_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-28-686_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-28-k7_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-28-server-bigiron_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-28-server_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-doc", ver:"2.6.15_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-source", ver:"2.6.15_2.6.15-28.55", rls:"UBUNTU6.06 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}


if(release == "UBUNTU6.10")
{

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.17-11-386_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.17-11-generic_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.17-11-server-bigiron_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.17-11-server_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.17-11_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.17-11-386_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.17-11-generic_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.17-11-server-bigiron_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.17-11-server_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.17-11-386_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.17-11-generic_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.17-11-server-bigiron_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.17-11-server_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-kdump", ver:"2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-doc", ver:"2.6.17_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-source", ver:"2.6.17_2.6.17.1-11.38", rls:"UBUNTU6.10")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Related

securityvulns 9
ubuntu 1
openvas 44
nessus 34
redhat 9
centos 7
suse 4
oraclelinux 3
osv 8
debian 8
cve 8
prion 8
fedora 2
ubuntucve 8
veracode 5
redhatcve 2
securityvulns
securityvulns
[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution
2007-05-25 00:00:00
Linux netfilter multiple security vulnerabilities
2007-03-18 00:00:00
Linux AppleTalk DoS
2007-04-19 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2007-05-24 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-464-1)
2009-03-23 00:00:00
SuSE Update for kernel SUSE-SA:2007:043
2009-01-28 00:00:00
Oracle: Security Advisory (ELSA-2007-0347)
2015-10-08 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 : linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities (USN-464-1)
2007-11-10 00:00:00
CentOS 5 : kernel (CESA-2007:0347)
2010-01-06 00:00:00
RHEL 5 : kernel (RHSA-2007:0347)
2007-05-25 00:00:00
redhat
redhat
(RHSA-2007:0347) Important: kernel security and bug fix update
2007-05-16 00:00:00
(RHSA-2007:0436) Important: Updated kernel packages for Red Hat Enterprise Linux 3 Update 9
2007-06-11 13:45:45
(RHSA-2007:0169) Important: kernel security and bug fix update
2007-04-30 00:00:00
centos
centos
kernel security update
2007-05-20 02:21:06
gdb, kernel security update
2007-06-11 22:34:46
Kernel, kernel security update
2007-05-01 23:33:28
suse
suse
remote denial of service in kernel
2007-05-03 18:12:20
remote denial of service in kernel
2007-07-09 14:31:09
remote denial of service in kernel
2007-05-10 11:16:32
oraclelinux
oraclelinux
Important: kernel security and bug fix update
2007-06-26 00:00:00
Important: kernel security and bug fix update
2007-12-04 00:00:00
Important: kernel security update
2007-06-26 00:00:00
osv
osv
linux-2.6
2007-05-13 00:00:00
linux-2.6
2007-05-02 00:00:00
linux-2.6
2007-08-31 00:00:00
debian
debian
[SECURITY] [DSA 1289-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-05-13 00:00:00
[SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-05-02 00:00:00
[SECURITY] [DSA 1363-1] New Linux 2.6.18 packages fix several vulnerabilities
2007-08-31 00:00:00
cve
cve
CVE-2007-1357
2007-04-11 00:19:00
CVE-2007-1496
2007-03-16 22:19:00
CVE-2007-1592
2007-03-22 19:19:00
prion
prion
Code injection
2007-04-11 00:19:00
Null pointer dereference
2007-03-16 22:19:00
Double free
2007-03-22 19:19:00
fedora
fedora
[SECURITY] Fedora Core 6 Update: kernel-2.6.20-1.2944.fc6
2007-04-13 19:55:49
[SECURITY] Fedora Core 5 Update: kernel-2.6.20-1.2312.fc5
2007-04-13 19:42:37
ubuntucve
ubuntucve
CVE-2007-1496
2007-03-16 00:00:00
CVE-2007-1357
2007-04-11 00:00:00
CVE-2007-1592
2007-03-22 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:18:27
Denial Of Service (DoS)
2020-04-10 00:18:23
Information Disclosure
2020-04-10 00:18:25
redhatcve
redhatcve
CVE-2007-1730
2015-10-30 10:20:51
CVE-2007-1734
2015-10-30 10:20:56

0.295 Low

EPSS

Percentile

96.4%

JSON
Related for OPENVAS:840049
securityvulns9ubuntu1openvas44nessus34redhat9centos7suse4oraclelinux3osv8debian8cve8prion8fedora2ubuntucve8veracode5redhatcve2