Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1

2011-02-28T00:00:00

Description

Ubuntu Update for Linux kernel vulnerabilities USN-1073-1

{"id": "OPENVAS:840592", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1073-1", "published": "2011-02-28T00:00:00", "modified": "2017-12-01T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840592", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["1073-1", "http://www.ubuntu.com/usn/usn-1073-1/"], "cvelist": ["CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4165", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "lastseen": "2017-12-04T11:26:45", "viewCount": 3, "enchantments": {"score": {"value": 0.8, "vector": "NONE"}, "dependencies": {"references": [{"type": "centos", "idList": ["CESA-2010:0627", "CESA-2010:0839", "CESA-2010:0898", "CESA-2011:0004", "CESA-2011:0162", "CESA-2011:0303"]}, {"type": "cve", "idList": ["CVE-2010-0435", "CVE-2010-3448", "CVE-2010-3698", "CVE-2010-3859", "CVE-2010-3865", "CVE-2010-3873", "CVE-2010-3874", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3877", "CVE-2010-3880", "CVE-2010-4074", "CVE-2010-4078", "CVE-2010-4079", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4082", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-4164", "CVE-2010-4165", "CVE-2010-4169", "CVE-2010-4175", "CVE-2010-4248", "CVE-2010-4249", "CVE-2011-2213"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2126-1:370B4", "DEBIAN:DSA-2153-1:FDD6A", "DEBIAN:DSA-2240-1:38C7A", "DEBIAN:DSA-2264-1:87A7B"]}, {"type": "exploitdb", "idList": ["EDB-ID:16263", "EDB-ID:16952"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:19AFA2110050988DFA5D313E85E6EBB8", "EXPLOITPACK:35A7E74CF2E35E93303353718B439DD4"]}, {"type": "fedora", "idList": ["FEDORA:0BE9E110D31", "FEDORA:0DA9510F842", "FEDORA:13309110B4E", "FEDORA:329D9110666", "FEDORA:3A49610F8D7", "FEDORA:3AD78110EC4", "FEDORA:6F955210EC", "FEDORA:7AE2C1106A7", "FEDORA:8785411086D", "FEDORA:A272A110C4A", "FEDORA:ACEFF2102F", "FEDORA:BCC0720E13", "FEDORA:BD6A910FBAE", "FEDORA:C5ABB10F8BB", "FEDORA:CAA68215A9"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2010-0627.NASL", "CENTOS_RHSA-2010-0898.NASL", "CENTOS_RHSA-2011-0004.NASL", "CENTOS_RHSA-2011-0162.NASL", "CENTOS_RHSA-2011-0303.NASL", "DEBIAN_DSA-2126.NASL", "DEBIAN_DSA-2153.NASL", "DEBIAN_DSA-2240.NASL", "DEBIAN_DSA-2264.NASL", "FEDORA_2010-16826.NASL", "FEDORA_2010-18432.NASL", "FEDORA_2010-18493.NASL", "FEDORA_2010-18506.NASL", "FEDORA_2010-18983.NASL", "FEDORA_2011-1138.NASL", "FEDORA_2011-2134.NASL", "OPENSUSE-2012-342.NASL", "OPENSUSE-2012-756.NASL", "ORACLELINUX_ELSA-2010-0627.NASL", "ORACLELINUX_ELSA-2010-0898.NASL", "ORACLELINUX_ELSA-2010-2011.NASL", "ORACLELINUX_ELSA-2011-0004.NASL", "ORACLELINUX_ELSA-2011-0007.NASL", "ORACLELINUX_ELSA-2011-0162.NASL", "ORACLELINUX_ELSA-2011-0283.NASL", "ORACLELINUX_ELSA-2011-0303.NASL", "ORACLELINUX_ELSA-2011-1189.NASL", "ORACLELINUX_ELSA-2011-2010.NASL", "ORACLELINUX_ELSA-2011-2024.NASL", "ORACLEVM_OVMSA-2013-0039.NASL", "REDHAT-RHSA-2010-0622.NASL", "REDHAT-RHSA-2010-0627.NASL", "REDHAT-RHSA-2010-0842.NASL", "REDHAT-RHSA-2010-0898.NASL", "REDHAT-RHSA-2011-0004.NASL", "REDHAT-RHSA-2011-0007.NASL", "REDHAT-RHSA-2011-0017.NASL", "REDHAT-RHSA-2011-0162.NASL", "REDHAT-RHSA-2011-0283.NASL", "REDHAT-RHSA-2011-0303.NASL", "SL_20100819_KVM_ON_SL5_X.NASL", "SL_20101110_KERNEL_ON_SL6_X.NASL", "SL_20101206_KVM_ON_SL5_X.NASL", "SL_20110104_KERNEL_ON_SL5_X.NASL", "SL_20110118_KERNEL_ON_SL4_X.NASL", "SL_20110222_KERNEL_ON_SL6_X.NASL", "SL_20110301_KERNEL_ON_SL5_X.NASL", "SUSE9_12672.NASL", "SUSE9_12677.NASL", "SUSE_11_1_KERNEL-101202.NASL", "SUSE_11_2_KERNEL-110413.NASL", "SUSE_11_2_KERNEL-DEBUG-101215.NASL", "SUSE_11_3_KERNEL-101215.NASL", "SUSE_11_3_KERNEL-110414.NASL", "SUSE_11_3_KERNEL-120104.NASL", "SUSE_11_4_KERNEL-120104.NASL", "SUSE_11_KERNEL-101102.NASL", "SUSE_11_KERNEL-110104.NASL", "SUSE_11_KERNEL-110228.NASL", "SUSE_11_KERNEL-110414.NASL", "SUSE_11_KERNEL-110415.NASL", "SUSE_11_KERNEL-120129.NASL", "SUSE_11_KERNEL-120130.NASL", "SUSE_11_KERNEL-EC2-101103.NASL", "SUSE_KERNEL-7257.NASL", "SUSE_KERNEL-7261.NASL", "SUSE_KERNEL-7303.NASL", "SUSE_KERNEL-7304.NASL", "SUSE_KERNEL-7381.NASL", "SUSE_KERNEL-7384.NASL", "SUSE_KERNEL-7915.NASL", "SUSE_KERNEL-7918.NASL", "SUSE_SU-2013-1832-1.NASL", "UBUNTU_USN-1023-1.NASL", "UBUNTU_USN-1041-1.NASL", "UBUNTU_USN-1054-1.NASL", "UBUNTU_USN-1071-1.NASL", "UBUNTU_USN-1072-1.NASL", "UBUNTU_USN-1073-1.NASL", "UBUNTU_USN-1080-1.NASL", "UBUNTU_USN-1080-2.NASL", "UBUNTU_USN-1081-1.NASL", "UBUNTU_USN-1083-1.NASL", "UBUNTU_USN-1093-1.NASL", "UBUNTU_USN-1111-1.NASL", "UBUNTU_USN-1119-1.NASL", "UBUNTU_USN-1164-1.NASL", "UBUNTU_USN-1167-1.NASL", "UBUNTU_USN-1186-1.NASL", "UBUNTU_USN-1187-1.NASL", "UBUNTU_USN-1202-1.NASL", "UBUNTU_USN-1204-1.NASL", "UBUNTU_USN-1244-1.NASL", "VMWARE_VMSA-2011-0012.NASL", "VMWARE_VMSA-2011-0012_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103455", "OPENVAS:1361412562310103455", "OPENVAS:1361412562310122217", "OPENVAS:1361412562310122233", "OPENVAS:1361412562310122239", "OPENVAS:1361412562310122244", "OPENVAS:1361412562310122281", "OPENVAS:1361412562310122285", "OPENVAS:1361412562310122291", "OPENVAS:1361412562310122293", "OPENVAS:1361412562310122298", "OPENVAS:1361412562310122328", "OPENVAS:136141256231068662", "OPENVAS:136141256231068992", "OPENVAS:136141256231069970", "OPENVAS:1361412562310831331", "OPENVAS:1361412562310840579", "OPENVAS:1361412562310840592", "OPENVAS:1361412562310840594", "OPENVAS:1361412562310840595", "OPENVAS:1361412562310840599", "OPENVAS:1361412562310840600", "OPENVAS:1361412562310840601", "OPENVAS:1361412562310840605", "OPENVAS:1361412562310840638", "OPENVAS:1361412562310840651", "OPENVAS:1361412562310840693", "OPENVAS:1361412562310840699", "OPENVAS:1361412562310840718", "OPENVAS:1361412562310840720", "OPENVAS:1361412562310840744", "OPENVAS:1361412562310840745", "OPENVAS:1361412562310840787", "OPENVAS:1361412562310850156", "OPENVAS:1361412562310850157", "OPENVAS:1361412562310850159", "OPENVAS:1361412562310850163", "OPENVAS:1361412562310850165", "OPENVAS:1361412562310850211", "OPENVAS:1361412562310850253", "OPENVAS:1361412562310850483", "OPENVAS:1361412562310862654", "OPENVAS:1361412562310862703", "OPENVAS:1361412562310862706", "OPENVAS:1361412562310862713", "OPENVAS:1361412562310862749", "OPENVAS:1361412562310862842", "OPENVAS:1361412562310862910", "OPENVAS:1361412562310863087", "OPENVAS:1361412562310863279", "OPENVAS:1361412562310863292", "OPENVAS:1361412562310863447", "OPENVAS:1361412562310863571", "OPENVAS:1361412562310863604", "OPENVAS:1361412562310863606", "OPENVAS:1361412562310863647", "OPENVAS:1361412562310870374", "OPENVAS:1361412562310870378", "OPENVAS:1361412562310870380", "OPENVAS:1361412562310870402", "OPENVAS:1361412562310870652", "OPENVAS:1361412562310870664", "OPENVAS:1361412562310880459", "OPENVAS:1361412562310880516", "OPENVAS:1361412562310880534", "OPENVAS:1361412562310880635", "OPENVAS:1361412562310881254", "OPENVAS:1361412562310881339", "OPENVAS:1361412562310881399", "OPENVAS:68662", "OPENVAS:68992", "OPENVAS:69970", "OPENVAS:831331", "OPENVAS:840579", "OPENVAS:840594", "OPENVAS:840595", "OPENVAS:840599", "OPENVAS:840600", "OPENVAS:840601", "OPENVAS:840605", "OPENVAS:840638", "OPENVAS:840651", "OPENVAS:840693", "OPENVAS:840699", "OPENVAS:840718", "OPENVAS:840720", "OPENVAS:840744", "OPENVAS:840745", "OPENVAS:840787", "OPENVAS:850156", "OPENVAS:850157", "OPENVAS:850159", "OPENVAS:850163", "OPENVAS:850165", "OPENVAS:850211", "OPENVAS:850253", "OPENVAS:850483", "OPENVAS:862654", "OPENVAS:862703", "OPENVAS:862706", "OPENVAS:862713", "OPENVAS:862749", "OPENVAS:862842", "OPENVAS:862910", "OPENVAS:863087", "OPENVAS:863279", "OPENVAS:863292", "OPENVAS:863447", "OPENVAS:863571", "OPENVAS:863604", "OPENVAS:863606", "OPENVAS:863647", "OPENVAS:870374", "OPENVAS:870378", "OPENVAS:870380", "OPENVAS:870402", "OPENVAS:870652", "OPENVAS:870664", "OPENVAS:880459", "OPENVAS:880516", "OPENVAS:880534", "OPENVAS:880635", "OPENVAS:881254", "OPENVAS:881339", "OPENVAS:881399"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0627", "ELSA-2010-0839", "ELSA-2010-0898", "ELSA-2010-2011", "ELSA-2011-0004", "ELSA-2011-0007", "ELSA-2011-0017", "ELSA-2011-0028", "ELSA-2011-0162", "ELSA-2011-0263", "ELSA-2011-0283", "ELSA-2011-0303", "ELSA-2011-1065", "ELSA-2011-2010"]}, {"type": "osv", "idList": ["OSV:DSA-2126-1", "OSV:DSA-2153-1", "OSV:DSA-2240-1", "OSV:DSA-2264-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:105078", "PACKETSTORM:96141", "PACKETSTORM:98797", "PACKETSTORM:99147"]}, {"type": "redhat", "idList": ["RHSA-2010:0622", "RHSA-2010:0627", "RHSA-2010:0839", "RHSA-2010:0842", "RHSA-2010:0898", "RHSA-2010:0958", "RHSA-2011:0004", "RHSA-2011:0007", "RHSA-2011:0017", "RHSA-2011:0162", "RHSA-2011:0283", "RHSA-2011:0303", "RHSA-2011:0330"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25229", "SECURITYVULNS:DOC:25593", "SECURITYVULNS:DOC:25594", "SECURITYVULNS:DOC:26323", "SECURITYVULNS:DOC:26416", "SECURITYVULNS:VULN:11275", "SECURITYVULNS:VULN:11394"]}, {"type": "seebug", "idList": ["SSV:20059", "SSV:20256", "SSV:20261", "SSV:20262", "SSV:20272", "SSV:20276", "SSV:20277", "SSV:20293", "SSV:20348", "SSV:20367", "SSV:21024", "SSV:70788", "SSV:71443"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2012:0206-1", "OPENSUSE-SU-2012:0236-1", "OPENSUSE-SU-2013:0925-1", "SUSE-SA:2010:057", "SUSE-SA:2010:060", "SUSE-SA:2011:001", "SUSE-SA:2011:002", "SUSE-SA:2011:004", "SUSE-SA:2011:005", "SUSE-SA:2011:007", "SUSE-SA:2011:008", "SUSE-SA:2011:012", "SUSE-SA:2011:015", "SUSE-SA:2011:017", "SUSE-SA:2011:019", "SUSE-SA:2011:020", "SUSE-SU-2012:0153-1", "SUSE-SU-2012:0153-2", "SUSE-SU-2012:0364-1", "SUSE-SU-2013:0786-1"]}, {"type": "ubuntu", "idList": ["USN-1023-1", "USN-1041-1", "USN-1054-1", "USN-1071-1", "USN-1072-1", "USN-1073-1", "USN-1074-1", "USN-1074-2", "USN-1080-1", "USN-1080-2", "USN-1081-1", "USN-1083-1", "USN-1093-1", "USN-1111-1", "USN-1119-1", "USN-1164-1", "USN-1186-1", "USN-1187-1", "USN-1202-1", "USN-1204-1", "USN-1244-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-0435", "UB:CVE-2010-3448", "UB:CVE-2010-3698", "UB:CVE-2010-3859", "UB:CVE-2010-3865", "UB:CVE-2010-3873", "UB:CVE-2010-3874", "UB:CVE-2010-3875", "UB:CVE-2010-3876", "UB:CVE-2010-3877", "UB:CVE-2010-3880", "UB:CVE-2010-4074", "UB:CVE-2010-4078", "UB:CVE-2010-4079", "UB:CVE-2010-4080", "UB:CVE-2010-4081", "UB:CVE-2010-4082", "UB:CVE-2010-4083", "UB:CVE-2010-4157", "UB:CVE-2010-4160", "UB:CVE-2010-4164", "UB:CVE-2010-4165", "UB:CVE-2010-4169", "UB:CVE-2010-4175", "UB:CVE-2010-4248", "UB:CVE-2010-4249", "UB:CVE-2011-2213"]}, {"type": "veracode", "idList": ["VERACODE:24186", "VERACODE:24248", "VERACODE:24342", "VERACODE:24343", "VERACODE:24344", "VERACODE:24345", "VERACODE:24346", "VERACODE:24347", "VERACODE:24351", "VERACODE:24404", "VERACODE:24455", "VERACODE:24464", "VERACODE:24467", "VERACODE:24470", "VERACODE:24471", "VERACODE:24472", "VERACODE:24474", "VERACODE:24490", "VERACODE:24491", "VERACODE:24549", "VERACODE:24595"]}, {"type": "vmware", "idList": ["VMSA-2011-0012", "VMSA-2011-0012.3"]}]}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2010:0627", "CESA-2010:0839", "CESA-2010:0898", "CESA-2011:0004", "CESA-2011:0162", "CESA-2011:0303"]}, {"type": "cve", "idList": ["CVE-2010-0435"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2264-1:87A7B"]}, {"type": "exploitdb", "idList": ["EDB-ID:16952"]}, {"type": "fedora", "idList": ["FEDORA:6F955210EC"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-RHSA-2010-0627/"]}, {"type": "nessus", "idList": ["FEDORA_2011-1138.NASL", "ORACLELINUX_ELSA-2011-0283.NASL", "REDHAT-RHSA-2010-0842.NASL", "REDHAT-RHSA-2011-0004.NASL", "SUSE_11_KERNEL-120129.NASL", "SUSE_KERNEL-7918.NASL", "UBUNTU_USN-1072-1.NASL", "VMWARE_VMSA-2011-0012_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122233", "OPENVAS:1361412562310122291", "OPENVAS:1361412562310840599", "OPENVAS:1361412562310870380", "OPENVAS:1361412562310870402", "OPENVAS:880459", "OPENVAS:880534"]}, {"type": "oraclelinux", "idList": ["ELSA-2010-0627", "ELSA-2010-0839", "ELSA-2010-0898", "ELSA-2010-2011", "ELSA-2011-0004", "ELSA-2011-0007", "ELSA-2011-0028", "ELSA-2011-0162", "ELSA-2011-0263", "ELSA-2011-0283", "ELSA-2011-0303", "ELSA-2011-1065", "ELSA-2011-2010"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:99147"]}, {"type": "redhat", "idList": ["RHSA-2010:0627", "RHSA-2010:0839", "RHSA-2010:0842", "RHSA-2010:0898", "RHSA-2011:0004", "RHSA-2011:0007", "RHSA-2011:0017", "RHSA-2011:0162", "RHSA-2011:0283", "RHSA-2011:0303"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26323"]}, {"type": "seebug", "idList": ["SSV:20262"]}, {"type": "suse", "idList": ["SUSE-SA:2010:060"]}, {"type": "ubuntu", "idList": ["USN-1071-1", "USN-1072-1", "USN-1080-2", "USN-1244-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-3865", "UB:CVE-2010-3873", "UB:CVE-2010-3875", "UB:CVE-2010-4078"]}, {"type": "vmware", "idList": ["VMSA-2011-0012.3"]}]}, "exploitation": null, "vulnersScore": 0.8}, "pluginID": "840592", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1073_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dan Jacobson discovered that ThinkPad video output was not correctly access\n controlled. A local attacker could exploit this to hang the system, leading\n to a denial of service. (CVE-2010-3448)\n \n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n \n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n \n Thomas Pollet discovered that the RDS network protocol did not\n check certain iovec buffers. A local attacker could exploit this\n to crash the system or possibly execute arbitrary code as the root\n user. (CVE-2010-3865)\n \n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n \n Dan Rosenberg discovered that the CAN protocol on 64bit systems did not\n correctly calculate the size of certain buffers. A local attacker could\n exploit this to crash the system or possibly execute arbitrary code as\n the root user. (CVE-2010-3874)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n Dan Rosenberg discovered that the USB subsystem did not correctly\n initialize certain structures. A local attacker could exploit this to read ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1073-1\";\ntag_affected = \"linux, linux-ec2 vulnerabilities on Ubuntu 9.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1073-1/\");\n script_id(840592);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1073-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4248\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-virtual\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1660012827, "score": 1659962467}, "_internal": {"score_hash": "b55b53802eefaa4edd559108042969a9"}}

{"ubuntu": [{"lastseen": "2022-01-04T13:15:45", "description": "Gleb Napatov discovered that KVM did not correctly check certain privileged \noperations. A local attacker with access to a guest kernel could exploit \nthis to crash the host system, leading to a denial of service. \n(CVE-2010-0435)\n\nDan Jacobson discovered that ThinkPad video output was not correctly access \ncontrolled. A local attacker could exploit this to hang the system, leading \nto a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-3698)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nThomas Pollet discovered that the RDS network protocol did not \ncheck certain iovec buffers. A local attacker could exploit this \nto crash the system or possibly execute arbitrary code as the root \nuser. (CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not \ncorrectly calculate the size of certain buffers. A local attacker could \nexploit this to crash the system or possibly execute arbitrary code as \nthe root user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized \non 64bit systems. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that the USB subsystem did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly \nclear kernel memory. A local attacker could exploit this to read kernel \nstack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A \nlocal attacker could make a specially crafted socket call to crash the \nsystem, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly \nhandle merged VMAs. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4169)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered that memory garbage collection was not handled \ncorrectly for active sockets. A local attacker could exploit this to \nallocate all available kernel memory, leading to a denial of service. \n(CVE-2010-4249)\n", "cvss3": {}, "published": "2011-02-25T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4073", "CVE-2010-4082", "CVE-2010-4248", "CVE-2010-4074", "CVE-2010-3874", "CVE-2010-3448", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-3873", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4165", "CVE-2010-3877", "CVE-2010-4078", "CVE-2010-4079", "CVE-2010-4160", "CVE-2010-3865", "CVE-2010-4081", "CVE-2010-3875", "CVE-2010-4083", "CVE-2010-4249", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4169", "CVE-2010-4080"], "modified": "2011-02-25T00:00:00", "id": "USN-1073-1", "href": "https://ubuntu.com/security/notices/USN-1073-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:15:47", "description": "Tavis Ormandy discovered that the Linux kernel did not properly implement \nexception fixup. A local attacker could exploit this to crash the kernel, \nleading to a denial of service. (CVE-2010-3086)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation \ndid not properly initialize certain structures. A local attacker could \nexploit this to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)\n", "cvss3": {}, "published": "2011-02-25T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4160", "CVE-2010-4081", "CVE-2010-3086", "CVE-2010-3875", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3880", "CVE-2010-4078", "CVE-2010-4157", "CVE-2010-3873", "CVE-2010-3876", "CVE-2010-4080"], "modified": "2011-02-25T00:00:00", "id": "USN-1071-1", "href": "https://ubuntu.com/security/notices/USN-1071-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:15:48", "description": "Gleb Napatov discovered that KVM did not correctly check certain privileged \noperations. A local attacker with access to a guest kernel could exploit \nthis to crash the host system, leading to a denial of service. \n(CVE-2010-0435)\n\nDave Chinner discovered that the XFS filesystem did not correctly order \ninode lookups when exported by NFS. A remote attacker could exploit this to \nread or write disk blocks that had changed file assignment or had become \nunlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel \nmemory correctly. A local user could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)\n\nDan Jacobson discovered that ThinkPad video output was not correctly \naccess controlled. A local attacker could exploit this to hang the system, \nleading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2010-3698)\n\nIt was discovered that Xen did not correctly clean up threads. A local \nattacker in a guest system could exploit this to exhaust host system \nresources, leading to a denial of serivce. (CVE-2010-3699)\n\nBrad Spengler discovered that stack memory for new a process was not \ncorrectly calculated. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not \nclear kernel memory correctly. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that the USB subsystem did not correctly \ninitialize certian structures. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2010-4248)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2011-02-25T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4248", "CVE-2010-4074", "CVE-2010-3448", "CVE-2010-0435", "CVE-2010-4072", "CVE-2010-3859", "CVE-2010-3873", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-3297", "CVE-2010-3877", "CVE-2010-4078", "CVE-2010-4079", "CVE-2010-4160", "CVE-2010-3699", "CVE-2010-3296", "CVE-2010-4081", "CVE-2010-3875", "CVE-2010-4083", "CVE-2010-3880", "CVE-2010-2943", "CVE-2010-4157", "CVE-2010-4080", "CVE-2010-3858"], "modified": "2011-02-25T00:00:00", "id": "USN-1072-1", "href": "https://ubuntu.com/security/notices/USN-1072-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:16:28", "description": "Gleb Napatov discovered that KVM did not correctly check certain privileged \noperations. A local attacker with access to a guest kernel could exploit \nthis to crash the host system, leading to a denial of service. \n(CVE-2010-0435)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not \ncorrectly calculate the size of certain buffers. A local attacker could \nexploit this to crash the system or possibly execute arbitrary code as the \nroot user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that kvm did not correctly clear memory. A local \nattacker could exploit this to read portions of the kernel stack, leading \nto a loss of privacy. (CVE-2010-3881)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized \non 64bit systems. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nDan Rosenberg discovered that the socket filters did not correctly \ninitialize structure memory. A local attacker could create malicious \nfilters to read portions of kernel stack memory, leading to a loss of \nprivacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)\n\nDan Rosenberg discovered that certain iovec operations did not calculate \npage counts correctly. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If \na system was using X.25, a remote attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4164)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A \nlocal attacker could make a specially crafted socket call to crash the \nsystem, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly \nhandle merged VMAs. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4169)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check \nioctl arguments. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2010-4175)\n\nBrad Spengler discovered that the kernel did not correctly account for \nuserspace memory allocations during exec() calls. A local attacker could \nexploit this to consume all system memory, leading to a denial of service. \n(CVE-2010-4243)\n\nVegard Nossum discovered that memory garbage collection was not handled \ncorrectly for active sockets. A local attacker could exploit this to \nallocate all available kernel memory, leading to a denial of service. \n(CVE-2010-4249)\n\nIt was discovered that named pipes did not correctly handle certain fcntl \ncalls. A local attacker could exploit this to crash the system, leading to \na denial of service. (CVE-2010-4256)\n\nNelson Elhage discovered that the kernel did not correctly handle process \ncleanup after triggering a recoverable kernel bug. If a local attacker were \nable to trigger certain kinds of kernel bugs, they could create a specially \ncrafted process to gain root privileges. (CVE-2010-4258)\n", "cvss3": {}, "published": "2011-02-01T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4258", "CVE-2010-4256", "CVE-2010-4073", "CVE-2010-4243", "CVE-2010-3874", "CVE-2010-3881", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4175", "CVE-2010-3873", "CVE-2010-4165", "CVE-2010-4162", "CVE-2010-4079", "CVE-2010-4160", "CVE-2010-4158", "CVE-2010-4083", "CVE-2010-4249", "CVE-2010-4169", "CVE-2010-4164"], "modified": "2011-02-01T00:00:00", "id": "USN-1054-1", "href": "https://ubuntu.com/security/notices/USN-1054-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-01-04T13:15:20", "description": "It was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-3698)\n\nThomas Pollet discovered that the RDS network protocol did not check \ncertain iovec buffers. A local attacker could exploit this to crash the \nsystem or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered a leak in the kernel's inotify_init() system call. \nA local, unprivileged user could exploit this to cause a denial of service. \n(CVE-2010-4250)\n\nNelson Elhage discovered that Econet did not correctly handle AUN packets \nover UDP. A local attacker could send specially crafted traffic to crash \nthe system, leading to a denial of service. (CVE-2010-4342)\n\nTavis Ormandy discovered that the install_special_mapping function could \nbypass the mmap_min_addr restriction. A local attacker could exploit this \nto mmap 4096 bytes below the mmap_min_addr area, possibly improving the \nchances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name \ntermination correctly. A local attacker could exploit this crash the system \nor gain root privileges. (CVE-2010-4527)\n\nAn error was reported in the kernel's ORiNOCO wireless driver's handling of \nTKIP countermeasures. This reduces the amount of time an attacker needs \nbreach a wireless network using WPA+TKIP for security. (CVE-2010-4648)\n\nDan Carpenter discovered that the Infiniband driver did not correctly \nhandle certain requests. A local user could exploit this to crash the \nsystem or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nAn error was discovered in the kernel's handling of CUSE (Character device \nin Userspace). A local attacker might exploit this flaw to escalate \nprivilege, if access to /dev/cuse has been modified to allow non-root \nusers. (CVE-2010-4650)\n\nA flaw was found in the kernel's Integrity Measurement Architecture (IMA). \nChanges made by an attacker might not be discovered by IMA, if SELinux was \ndisabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\nIt was discovered that some import kernel threads can be blocked by a user \nlevel process. An unprivileged local user could exploit this flaw to cause \na denial of service. (CVE-2011-4621)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2011-03-02T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4527", "CVE-2010-4248", "CVE-2011-4621", "CVE-2011-0006", "CVE-2010-4648", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4346", "CVE-2010-4650", "CVE-2010-4250", "CVE-2010-3877", "CVE-2010-4079", "CVE-2010-4649", "CVE-2010-3865", "CVE-2010-3875", "CVE-2010-4083", "CVE-2011-1044", "CVE-2010-3880", "CVE-2010-4342"], "modified": "2011-03-02T00:00:00", "id": "USN-1081-1", "href": "https://ubuntu.com/security/notices/USN-1081-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:12:20", "description": "Thomas Pollet discovered that the RDS network protocol did not check \ncertain iovec buffers. A local attacker could exploit this to crash the \nsystem or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not \ncorrectly calculate the size of certain buffers. A local attacker could \nexploit this to crash the system or possibly execute arbitrary code as the \nroot user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If \na system was using X.25, a remote attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4164)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nNelson Elhage discovered that the kernel did not correctly handle process \ncleanup after triggering a recoverable kernel bug. If a local attacker were \nable to trigger certain kinds of kernel bugs, they could create a specially \ncrafted process to gain root privileges. (CVE-2010-4258)\n\nNelson Elhage discovered that Econet did not correctly handle AUN packets \nover UDP. A local attacker could send specially crafted traffic to crash \nthe system, leading to a denial of service. (CVE-2010-4342)\n\nTavis Ormandy discovered that the install_special_mapping function could \nbypass the mmap_min_addr restriction. A local attacker could exploit this \nto mmap 4096 bytes below the mmap_min_addr area, possibly improving the \nchances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name \ntermination correctly. A local attacker could exploit this crash the system \nor gain root privileges. (CVE-2010-4527)\n\nDan Rosenberg discovered that IRDA did not correctly check the size of \nbuffers. On non-x86 systems, a local attacker could exploit this to read \nkernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\nDan Rosenburg discovered that the CAN subsystem leaked kernel addresses \ninto the /proc filesystem. A local attacker could use this to increase the \nchances of a successful memory corruption exploit. (CVE-2010-4565)\n\nKees Cook discovered that some ethtool functions did not correctly clear \nheap memory. A local attacker with CAP_NET_ADMIN privileges could exploit \nthis to read portions of kernel heap memory, leading to a loss of privacy. \n(CVE-2010-4655)\n\nKees Cook discovered that the IOWarrior USB device driver did not correctly \ncheck certain size fields. A local attacker with physical access could plug \nin a specially crafted USB device to crash the system or potentially gain \nroot privileges. (CVE-2010-4656)\n\nGoldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly \nclear memory when writing certain file holes. A local attacker could \nexploit this to read uninitialized data from the disk, leading to a loss of \nprivacy. (CVE-2011-0463)\n\nDan Carpenter discovered that the TTPCI DVB driver did not check certain \nvalues during an ioctl. If the dvb-ttpci module was loaded, a local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or possibly gain root privileges. (CVE-2011-0521)\n\nJens Kuehnel discovered that the InfiniBand driver contained a race \ncondition. On systems using InfiniBand, a local attacker could send \nspecially crafted requests to crash the system, leading to a denial of \nservice. (CVE-2011-0695)\n\nDan Rosenberg discovered that XFS did not correctly initialize memory. A \nlocal attacker could make crafted ioctl calls to leak portions of kernel \nstack memory, leading to a loss of privacy. (CVE-2011-0711)\n\nRafael Dominguez Vega discovered that the caiaq Native Instruments USB \ndriver did not correctly validate string lengths. A local attacker with \nphysical access could plug in a specially crafted USB device to crash the \nsystem or potentially gain root privileges. (CVE-2011-0712)\n\nTimo Warns discovered that the LDM disk partition handling code did not \ncorrectly handle certain values. By inserting a specially crafted disk \ndevice, a local attacker could exploit this to gain root privileges. \n(CVE-2011-1017)\n\nJulien Tinnes discovered that the kernel did not correctly validate the \nsignal structure from tkill(). A local attacker could exploit this to send \nsignals to arbitrary threads, possibly bypassing expected restrictions. \n(CVE-2011-1182)\n\nDan Rosenberg discovered that MPT devices did not correctly validate \ncertain values in ioctl calls. If these drivers were loaded, a local \nattacker could exploit this to read arbitrary kernel memory, leading to a \nloss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle \nlarge requests. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1593)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1748)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2011-07-06T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities (i.MX51)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0463", "CVE-2010-4656", "CVE-2010-4258", "CVE-2011-0695", "CVE-2011-1182", "CVE-2011-1017", "CVE-2010-4527", "CVE-2010-4082", "CVE-2010-4248", "CVE-2010-4080", "CVE-2011-1494", "CVE-2010-3874", "CVE-2010-4655", "CVE-2011-1746", "CVE-2010-3873", "CVE-2010-3876", "CVE-2011-0521", "CVE-2010-4346", "CVE-2011-0712", "CVE-2011-1745", "CVE-2011-2022", "CVE-2010-3877", "CVE-2011-1748", "CVE-2010-3865", "CVE-2010-4081", "CVE-2010-3875", "CVE-2011-0711", "CVE-2010-4083", "CVE-2010-3880", "CVE-2010-4529", "CVE-2010-4157", "CVE-2011-1495", "CVE-2010-4565", "CVE-2010-4164", "CVE-2010-4342", "CVE-2011-1593"], "modified": "2011-07-06T00:00:00", "id": "USN-1164-1", "href": "https://ubuntu.com/security/notices/USN-1164-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-01-04T13:15:20", "description": "Thomas Pollet discovered that the RDS network protocol did not check \ncertain iovec buffers. A local attacker could exploit this to crash the \nsystem or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nKrishna Gudipati discovered that the bfa adapter driver did not correctly \ninitialize certain structures. A local attacker could read files in /sys to \ncrash the system, leading to a denial of service. (CVE-2010-4343)\n\nTavis Ormandy discovered that the install_special_mapping function could \nbypass the mmap_min_addr restriction. A local attacker could exploit this \nto mmap 4096 bytes below the mmap_min_addr area, possibly improving the \nchances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nIt was discovered that the ICMP stack did not correctly handle certain \nunreachable messages. If a remote attacker were able to acquire a socket \nlock, they could send specially crafted traffic that would crash the \nsystem, leading to a denial of service. (CVE-2010-4526)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name \ntermination correctly. A local attacker could exploit this crash the system \nor gain root privileges. (CVE-2010-4527)\n\nAn error was reported in the kernel's ORiNOCO wireless driver's handling of \nTKIP countermeasures. This reduces the amount of time an attacker needs \nbreach a wireless network using WPA+TKIP for security. (CVE-2010-4648)\n\nDan Carpenter discovered that the Infiniband driver did not correctly \nhandle certain requests. A local user could exploit this to crash the \nsystem or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nAn error was discovered in the kernel's handling of CUSE (Character device \nin Userspace). A local attacker might exploit this flaw to escalate \nprivilege, if access to /dev/cuse has been modified to allow non-root \nusers. (CVE-2010-4650)\n\nA flaw was found in the kernel's Integrity Measurement Architecture (IMA). \nChanges made by an attacker might not be discovered by IMA, if SELinux was \ndisabled, and a new IMA rule was loaded. (CVE-2011-0006)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2011-03-02T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4346", "CVE-2010-3865", "CVE-2011-0006", "CVE-2010-3875", "CVE-2010-4650", "CVE-2010-4527", "CVE-2011-1044", "CVE-2010-4526", "CVE-2010-3880", "CVE-2010-3877", "CVE-2010-4248", "CVE-2010-4343", "CVE-2010-4648", "CVE-2010-3876", "CVE-2010-4649"], "modified": "2011-03-02T00:00:00", "id": "USN-1080-2", "href": "https://ubuntu.com/security/notices/USN-1080-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:15:24", "description": "Thomas Pollet discovered that the RDS network protocol did not check \ncertain iovec buffers. A local attacker could exploit this to crash the \nsystem or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nKrishna Gudipati discovered that the bfa adapter driver did not correctly \ninitialize certain structures. A local attacker could read files in /sys to \ncrash the system, leading to a denial of service. (CVE-2010-4343)\n\nTavis Ormandy discovered that the install_special_mapping function could \nbypass the mmap_min_addr restriction. A local attacker could exploit this \nto mmap 4096 bytes below the mmap_min_addr area, possibly improving the \nchances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nIt was discovered that the ICMP stack did not correctly handle certain \nunreachable messages. If a remote attacker were able to acquire a socket \nlock, they could send specially crafted traffic that would crash the \nsystem, leading to a denial of service. (CVE-2010-4526)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name \ntermination correctly. A local attacker could exploit this crash the system \nor gain root privileges. (CVE-2010-4527)\n\nAn error was reported in the kernel's ORiNOCO wireless driver's handling of \nTKIP countermeasures. This reduces the amount of time an attacker needs \nbreach a wireless network using WPA+TKIP for security. (CVE-2010-4648)\n\nDan Carpenter discovered that the Infiniband driver did not correctly \nhandle certain requests. A local user could exploit this to crash the \nsystem or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nAn error was discovered in the kernel's handling of CUSE (Character device \nin Userspace). A local attacker might exploit this flaw to escalate \nprivilege, if access to /dev/cuse has been modified to allow non-root \nusers. (CVE-2010-4650)\n\nA flaw was found in the kernel's Integrity Measurement Architecture (IMA). \nChanges made by an attacker might not be discovered by IMA, if SELinux was \ndisabled, and a new IMA rule was loaded. (CVE-2011-0006)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2011-03-01T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-4346", "CVE-2010-3865", "CVE-2011-0006", "CVE-2010-3875", "CVE-2010-4650", "CVE-2010-4527", "CVE-2011-1044", "CVE-2010-4526", "CVE-2010-3880", "CVE-2010-3877", "CVE-2010-4248", "CVE-2010-4343", "CVE-2010-4648", "CVE-2010-3876", "CVE-2010-4649"], "modified": "2011-03-01T00:00:00", "id": "USN-1080-1", "href": "https://ubuntu.com/security/notices/USN-1080-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:14:36", "description": "Dan Rosenberg discovered that the RDS network protocol did not correctly \ncheck certain parameters. A local attacker could exploit this gain root \nprivileges. (CVE-2010-3904)\n\nNelson Elhage discovered several problems with the Acorn Econet protocol \ndriver. A local user could cause a denial of service via a NULL pointer \ndereference, escalate privileges by overflowing the kernel stack, and \nassign Econet addresses to arbitrary interfaces. (CVE-2010-3848, \nCVE-2010-3849, CVE-2010-3850)\n\nBen Hutchings discovered that the ethtool interface did not correctly check \ncertain sizes. A local attacker could perform malicious ioctl calls that \ncould crash the system, leading to a denial of service. (CVE-2010-2478, \nCVE-2010-3084)\n\nEric Dumazet discovered that many network functions could leak kernel stack \ncontents. A local attacker could exploit this to read portions of kernel \nmemory, leading to a loss of privacy. (CVE-2010-2942, CVE-2010-3477)\n\nDave Chinner discovered that the XFS filesystem did not correctly order \ninode lookups when exported by NFS. A remote attacker could exploit this to \nread or write disk blocks that had changed file assignment or had become \nunlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nTavis Ormandy discovered that the IRDA subsystem did not correctly shut \ndown. A local attacker could exploit this to cause the system to crash or \npossibly gain root privileges. (CVE-2010-2954)\n\nBrad Spengler discovered that the wireless extensions did not correctly \nvalidate certain request sizes. A local attacker could exploit this to read \nportions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n\nTavis Ormandy discovered that the session keyring did not correctly check \nfor its parent. On systems without a default session keyring, a local \nattacker could exploit this to crash the system, leading to a denial of \nservice. (CVE-2010-2960)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly \nvalidate memory regions. A local attacker with access to the video card \ncould read and write arbitrary kernel memory to gain root privileges. \n(CVE-2010-2962)\n\nKees Cook discovered that the V4L1 32bit compat interface did not correctly \nvalidate certain parameters. A local attacker on a 64bit system with access \nto a video device could exploit this to gain root privileges. \n(CVE-2010-2963)\n\nTavis Ormandy discovered that the AIO subsystem did not correctly validate \ncertain parameters. A local attacker could exploit this to crash the system \nor possibly gain root privileges. (CVE-2010-3067)\n\nDan Rosenberg discovered that certain XFS ioctls leaked kernel stack \ncontents. A local attacker could exploit this to read portions of kernel \nmemory, leading to a loss of privacy. (CVE-2010-3078)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A \nlocal attacker could exploit this to crash the kernel, leading to a denial \nof service. (CVE-2010-3079)\n\nTavis Ormandy discovered that the OSS sequencer device did not correctly \nshut down. A local attacker could exploit this to crash the system or \npossibly gain root privileges. (CVE-2010-3080)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel \nmemory correctly. A local user could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, \nCVE-2010-3298)\n\nDan Rosenberg discovered that the ROSE driver did not correctly check \nparameters. A local attacker with access to a ROSE network device could \nexploit this to crash the system or possibly gain root privileges. \n(CVE-2010-3310)\n\nThomas Dreibholz discovered that SCTP did not correctly handle appending \npacket chunks. A remote attacker could send specially crafted traffic to \ncrash the system, leading to a denial of service. (CVE-2010-3432)\n\nDan Rosenberg discovered that the CD driver did not correctly check \nparameters. A local attacker could exploit this to read arbitrary kernel \nmemory, leading to a loss of privacy. (CVE-2010-3437)\n\nDan Rosenberg discovered that the Sound subsystem did not correctly \nvalidate parameters. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-3442)\n\nDan Jacobson discovered that ThinkPad video output was not correctly access \ncontrolled. A local attacker could exploit this to hang the system, leading \nto a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU \nregisters. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-3698)\n\nDan Rosenberg discovered that SCTP did not correctly handle HMAC \ncalculations. A remote attacker could send specially crafted traffic that \nwould crash the system, leading to a denial of service. (CVE-2010-3705)\n\nBrad Spengler discovered that stack memory for new a process was not \ncorrectly calculated. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to gain root privileges. (CVE-2010-3859)\n\nKees Cook discovered that the ethtool interface did not correctly clear \nkernel memory. A local attacker could read kernel heap memory, leading to a \nloss of privacy. (CVE-2010-3861)\n\nThomas Pollet discovered that the RDS network protocol did not check \ncertain iovec buffers. A local attacker could exploit this to crash the \nsystem or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation \nincorrectly parsed facilities. A remote attacker could exploit this to \ncrash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not \ncorrectly calculate the size of certain buffers. A local attacker could \nexploit this to crash the system or possibly execute arbitrary code as the \nroot user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not \nproperly audit certain bytecodes in netlink messages. A local attacker \ncould exploit this to cause the kernel to hang, leading to a denial of \nservice. (CVE-2010-3880)\n\nVasiliy Kulikov discovered that kvm did not correctly clear memory. A local \nattacker could exploit this to read portions of the kernel stack, leading \nto a loss of privacy. (CVE-2010-3881)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not \nclear kernel memory correctly. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized \non 64bit systems. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that multiple terminal ioctls did not correctly \ninitialize structure memory. A local attacker could exploit this to read \nportions of kernel stack memory, leading to a loss of privacy. \n(CVE-2010-4075)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver \ndid not correctly clear kernel memory. A local attacker could exploit this \nto read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, \nCVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear \nkernel memory. A local attacker could exploit this to read kernel stack \nmemory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller \ndriver did not validate certain sizes. A local attacker on a 64bit system \ncould exploit this to crash the kernel, leading to a denial of service. \n(CVE-2010-4157)\n\nDan Rosenberg discovered that the socket filters did not correctly \ninitialize structure memory. A local attacker could create malicious \nfilters to read portions of kernel stack memory, leading to a loss of \nprivacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation \ncontained multiple integer signedness errors. A local attacker could \nexploit this to to crash the kernel, or possibly gain root privileges. \n(CVE-2010-4160)\n\nDan Rosenberg discovered that certain iovec operations did not calculate \npage counts correctly. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate \niov segments. A local attacker with access to a SCSI device could send \nspecially crafted requests to crash the system, leading to a denial of \nservice. (CVE-2010-4163, CVE-2010-4668)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If \na system was using X.25, a remote attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4164)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A \nlocal attacker could make a specially crafted socket call to crash the \nsystem, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly \nhandle merged VMAs. A local attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4169)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check \nioctl arguments. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2010-4175)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a \nwrite operation was available. If the mmap_min-addr sysctl was changed from \nthe Ubuntu default to a value of 0, a local attacker could exploit this \nflaw to gain root privileges. (CVE-2010-4242)\n\nIt was discovered that multithreaded exec did not handle CPU timers \ncorrectly. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered that memory garbage collection was not handled \ncorrectly for active sockets. A local attacker could exploit this to \nallocate all available kernel memory, leading to a denial of service. \n(CVE-2010-4249)\n\nNelson Elhage discovered that the kernel did not correctly handle process \ncleanup after triggering a recoverable kernel bug. If a local attacker were \nable to trigger certain kinds of kernel bugs, they could create a specially \ncrafted process to gain root privileges. (CVE-2010-4258)\n\nKrishna Gudipati discovered that the bfa adapter driver did not correctly \ninitialize certain structures. A local attacker could read files in /sys to \ncrash the system, leading to a denial of service. (CVE-2010-4343)\n\nTavis Ormandy discovered that the install_special_mapping function could \nbypass the mmap_min_addr restriction. A local attacker could exploit this \nto mmap 4096 bytes below the mmap_min_addr area, possibly improving the \nchances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nIt was discovered that the ICMP stack did not correctly handle certain \nunreachable messages. If a remote attacker were able to acquire a socket \nlock, they could send specially crafted traffic that would crash the \nsystem, leading to a denial of service. (CVE-2010-4526)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name \ntermination correctly. A local attacker could exploit this crash the system \nor gain root privileges. (CVE-2010-4527)\n\nAn error was reported in the kernel's ORiNOCO wireless driver's handling of \nTKIP countermeasures. This reduces the amount of time an attacker needs \nbreach a wireless network using WPA+TKIP for security. (CVE-2010-4648)\n\nDan Carpenter discovered that the Infiniband driver did not correctly \nhandle certain requests. A local user could exploit this to crash the \nsystem or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nAn error was discovered in the kernel's handling of CUSE (Character device \nin Userspace). A local attacker might exploit this flaw to escalate \nprivilege, if access to /dev/cuse has been modified to allow non-root \nusers. (CVE-2010-4650)\n\nKees Cook discovered that some ethtool functions did not correctly clear \nheap memory. A local attacker with CAP_NET_ADMIN privileges could exploit \nthis to read portions of kernel heap memory, leading to a loss of privacy. \n(CVE-2010-4655)\n\nKees Cook discovered that the IOWarrior USB device driver did not correctly \ncheck certain size fields. A local attacker with physical access could plug \nin a specially crafted USB device to crash the system or potentially gain \nroot privileges. (CVE-2010-4656)\n\nJoel Becker discovered that OCFS2 did not correctly validate on-disk \nsymlink structures. If an attacker were able to trick a user or automated \nsystem into mounting a specially crafted filesystem, it could crash the \nsystem or expose kernel memory, leading to a loss of privacy. \n(CVE-2010-NNN2)\n\nA flaw was found in the kernel's Integrity Measurement Architecture (IMA). \nChanges made by an attacker might not be discovered by IMA, if SELinux was \ndisabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\nDan Carpenter discovered that the TTPCI DVB driver did not check certain \nvalues during an ioctl. If the dvb-ttpci module was loaded, a local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or possibly gain root privileges. (CVE-2011-0521)\n\nRafael Dominguez Vega discovered that the caiaq Native Instruments USB \ndriver did not correctly validate string lengths. A local attacker with \nphysical access could plug in a specially crafted USB device to crash the \nsystem or potentially gain root privileges. (CVE-2011-0712)\n\nTimo Warns discovered that MAC partition parsing routines did not correctly \ncalculate block counts. A local attacker with physical access could plug in \na specially crafted block device to crash the system or potentially gain \nroot privileges. (CVE-2011-1010)\n\nTimo Warns discovered that LDM partition parsing routines did not correctly \ncalculate block counts. A local attacker with physical access could plug in \na specially crafted block device to crash the system, leading to a denial \nof service. (CVE-2011-1012)\n\nNelson Elhage discovered that the epoll subsystem did not correctly handle \ncertain structures. A local attacker could create malicious requests that \nwould hang the system, leading to a denial of service. (CVE-2011-1082)\n\nJohan Hovold discovered that the DCCP network stack did not correctly \nhandle certain packet combinations. A remote attacker could send specially \ncrafted network traffic that would crash the system, leading to a denial of \nservice. (CVE-2011-1093)\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2011-03-25T00:00:00", "type": "ubuntu", "title": "Linux Kernel vulnerabilities (Marvell Dove)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3080", "CVE-2010-4668", "CVE-2010-3442", "CVE-2010-4073", "CVE-2010-3861", "CVE-2010-3874", "CVE-2010-4648", "CVE-2010-4175", "CVE-2010-2960", "CVE-2010-2962", "CVE-2011-0712", "CVE-2010-4165", "CVE-2010-4526", "CVE-2010-2942", "CVE-2010-3848", "CVE-2010-4075", "CVE-2010-4157", "CVE-2010-3078", "CVE-2010-3084", "CVE-2010-4248", "CVE-2010-3881", "CVE-2010-3310", "CVE-2010-4655", "CVE-2010-3859", "CVE-2011-1012", "CVE-2010-3876", "CVE-2010-3698", "CVE-2011-0521", "CVE-2010-4346", "CVE-2010-4650", "CVE-2010-2954", "CVE-2010-3296", "CVE-2010-4081", "CVE-2010-4249", "CVE-2010-4164", "CVE-2010-4080", "CVE-2010-3705", "CVE-2010-4258", "CVE-2010-4656", "CVE-2010-4242", "CVE-2010-3067", "CVE-2011-0006", "CVE-2010-3849", "CVE-2010-4072", "CVE-2010-3432", "CVE-2010-4163", "CVE-2010-3477", "CVE-2010-3873", "CVE-2010-3079", "CVE-2010-3298", "CVE-2010-3297", "CVE-2010-2955", "CVE-2010-3877", "CVE-2010-4343", "CVE-2010-4162", "CVE-2010-4079", "CVE-2010-4649", "CVE-2010-4160", "CVE-2010-3865", "CVE-2010-4158", "CVE-2010-4083", "CVE-2011-1044", "CVE-2010-3904", "CVE-2010-3880", "CVE-2010-4169", "CVE-2010-3858", "CVE-2010-4527", "CVE-2011-1093", "CVE-2010-4082", "CVE-2010-3437", "CVE-2010-3448", "CVE-2010-2478", "CVE-2010-2963", "CVE-2010-3850", "CVE-2011-1010", "CVE-2010-3875", "CVE-2010-2943", "CVE-2011-1082"], "modified": "2011-03-25T00:00:00", "id": "USN-1093-1", "href": "https://ubuntu.com/security/notices/USN-1093-1", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T13:13:51", "description": "Dan Rosenberg discovered that the RDS network protocol did not correctly \ncheck certain parameters. A local attacker could exploit this gain root \nprivileges. (CVE-2010-3904)\n\nNelson Elhage discovered several problems with the Acorn Econet protocol \ndriver. A local user could cause a denial of service via a NULL pointer \ndereference, escalate privileges by overflowing the kernel stack, and \nassign Econet addresses to arbitrary interfaces. (CVE-2010-3848, \nCVE-2010-3849, CVE-2010-3850)\n\nBen Hawkes discovered that the Linux kernel did not correctly validate \nmemory ranges on 64bit kernels when allocating memory on behalf of 32bit \nsystem calls. On a 64bit system, a local attacker could perform malicious \nmulticast getsockopt calls to gain root privileges. (CVE-2010-3081)\n\nTavis Ormandy discovered that the IRDA subsystem did not correctly shut \ndown. A local attacker could exploit this to cause the system to crash or \npossibly gain root privileges. (CVE-2010-2954)\n\nBrad Spengler discovered that the wireless extensions did not correctly \nvalidate certain request sizes. A local attacker could exploit this to read \nportions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n\nTavis Ormandy discovered that the session keyring did not correctly check \nfor its parent. On systems without a default session keyring, a local \nattacker could exploit this to crash the system, leading to a denial of \nservice. (CVE-2010-2960)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly \nvalidate memory regions. A local attacker with access to the video card \ncould read and write arbitrary kernel memory to gain root privileges. \n(CVE-2010-2962)\n\nKees Cook discovered that the V4L1 32bit compat interface did not correctly \nvalidate certain parameters. A local attacker on a 64bit system with access \nto a video device could exploit this to gain root privileges. \n(CVE-2010-2963)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A \nlocal attacker could exploit this to crash the kernel, leading to a denial \nof service. (CVE-2010-3079)\n\nTavis Ormandy discovered that the OSS sequencer device did not correctly \nshut down. A local attacker could exploit this to crash the system or \npossibly gain root privileges. (CVE-2010-3080)\n\nDan Rosenberg discovered that the CD driver did not correctly check \nparameters. A local attacker could exploit this to read arbitrary kernel \nmemory, leading to a loss of privacy. (CVE-2010-3437)\n\nDan Rosenberg discovered that SCTP did not correctly handle HMAC \ncalculations. A remote attacker could send specially crafted traffic that \nwould crash the system, leading to a denial of service. (CVE-2010-3705)\n\nKees Cook discovered that the ethtool interface did not correctly clear \nkernel memory. A local attacker could read kernel heap memory, leading to a \nloss of privacy. (CVE-2010-3861)\n\nThomas Pollet discovered that the RDS network protocol did not check \ncertain iovec buffers. A local attacker could exploit this to crash the \nsystem or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did \nnot correctly clear kernel memory. A local attacker could exploit this to \nread kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did \nnot properly initialize certain structures. A local attacker could exploit \nthis to read kernel stack memory, leading to a loss of privacy. \n(CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly \ninitialize certain structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nVasiliy Kulikov discovered that kvm did not correctly clear memory. A local \nattacker could exploit this to read portions of the kernel stack, leading \nto a loss of privacy. (CVE-2010-3881)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not \nclear kernel memory correctly. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly \ninitialize certian structures. A local attacker could exploit this to read \nkernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the socket filters did not correctly \ninitialize structure memory. A local attacker could create malicious \nfilters to read portions of kernel stack memory, leading to a loss of \nprivacy. (CVE-2010-4158)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If \na system was using X.25, a remote attacker could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2010-4164)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A \nlocal attacker could make a specially crafted socket call to crash the \nsystem, leading to a denial of service. (CVE-2010-4165)\n\nVegard Nossum discovered that memory garbage collection was not handled \ncorrectly for active sockets. A local attacker could exploit this to \nallocate all available kernel memory, leading to a denial of service. \n(CVE-2010-4249)\n\nNelson Elhage discovered that the kernel did not correctly handle process \ncleanup after triggering a recoverable kernel bug. If a local attacker were \nable to trigger certain kinds of kernel bugs, they could create a specially \ncrafted process to gain root privileges. (CVE-2010-4258)\n\nNelson Elhage discovered that Econet did not correctly handle AUN packets \nover UDP. A local attacker could send specially crafted traffic to crash \nthe system, leading to a denial of service. (CVE-2010-4342)\n\nTavis Ormandy discovered that the install_special_mapping function could \nbypass the mmap_min_addr restriction. A local attacker could exploit this \nto mmap 4096 bytes below the mmap_min_addr area, possibly improving the \nchances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name \ntermination correctly. A local attacker could exploit this crash the system \nor gain root privileges. (CVE-2010-4527)\n\nDan Rosenberg discovered that IRDA did not correctly check the size of \nbuffers. On non-x86 systems, a local attacker could exploit this to read \nkernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2011-04-20T00:00:00", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3080", "CVE-2010-3705", "CVE-2010-4258", "CVE-2010-4527", "CVE-2010-3861", "CVE-2010-3437", "CVE-2010-3881", "CVE-2010-3081", "CVE-2010-3849", "CVE-2010-4072", "CVE-2010-3876", "CVE-2010-3079", "CVE-2010-2960", "CVE-2010-4346", "CVE-2010-2962", "CVE-2010-4165", "CVE-2010-2954", "CVE-2010-2955", "CVE-2010-3877", "CVE-2010-2963", "CVE-2010-4079", "CVE-2010-3850", "CVE-2010-3848", "CVE-2010-3865", "CVE-2010-4158", "CVE-2010-3875", "CVE-2010-4249", "CVE-2010-3904", "CVE-2010-4529", "CVE-2010-4164", "CVE-2010-4342"], "modified": "2011-04-20T00:00:00", "id": "USN-1119-1", "href": "https://ubuntu.com/security/notices/USN-1119-1", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-08-15T16:27:12", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1073-1", "cvss3": {}, "published": "2011-02-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4165", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840592", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1073_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1073-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840592\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1073-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4248\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU9\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1073-1\");\n script_tag(name:\"affected\", value:\"linux, linux-ec2 vulnerabilities on Ubuntu 9.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dan Jacobson discovered that ThinkPad video output was not correctly access\n controlled. A local attacker could exploit this to hang the system, leading\n to a denial of service. (CVE-2010-3448)\n\n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n\n Thomas Pollet discovered that the RDS network protocol did not\n check certain iovec buffers. A local attacker could exploit this\n to crash the system or possibly execute arbitrary code as the root\n user. (CVE-2010-3865)\n\n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\n Dan Rosenberg discovered that the CAN protocol on 64bit systems did not\n correctly calculate the size of certain buffers. A local attacker could\n exploit this to crash the system or possibly execute arbitrary code as\n the root user. (CVE-2010-3874)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n Dan Rosenberg discovered that the USB subsystem did not correctly\n initialize certain structures. A local attacker could exploit this to read ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-307-ec2\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-386\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic-pae\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-virtual\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307\", ver:\"2.6.31-307.27\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.73\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:40", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1071-1", "cvss3": {}, "published": "2011-02-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4081", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-4078"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840595", "href": "http://plugins.openvas.org/nasl.php?oid=840595", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1071_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Tavis Ormandy discovered that the Linux kernel did not properly implement\n exception fixup. A local attacker could exploit this to crash the kernel,\n leading to a denial of service. (CVE-2010-3086)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n \n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation\n did not properly initialize certain structures. A local attacker could\n exploit this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n Dan Rosenberg discovered that the SiS video driver did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4078)\n \n Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver\n did not correctly clear kernel memory. A local attacker could exploit this\n to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,\n CVE-2010-4081)\n \n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n \n James Bottomley discovered that the ICP vortex storage array controller\n driver did not validate certain sizes. A local attacker on a 64bit system\n could exploit this to crash the kernel, leading to a denial of service.\n (CVE-2010-4157)\n \n Dan Rosenberg discovered that the Linux kernel L2TP implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to to crash the kernel, or possibly gain root privileges.\n (CVE-2010-4160)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1071-1\";\ntag_affected = \"linux-source-2.6.15 vulnerabilities on Ubuntu 6.06 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1071-1/\");\n script_id(840595);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1071-1\");\n script_cve_id(\"CVE-2010-3086\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-08-15T16:25:18", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1071-1", "cvss3": {}, "published": "2011-02-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4081", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-4078"], "modified": "2019-08-06T00:00:00", "id": "OPENVAS:1361412562310840595", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840595", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1071-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840595\");\n script_version(\"2019-08-06T11:17:21+0000\");\n script_tag(name:\"last_modification\", value:\"2019-08-06 11:17:21 +0000 (Tue, 06 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1071-1\");\n script_cve_id(\"CVE-2010-3086\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\");\n script_name(\"Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1071-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU6\\.06 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1071-1\");\n script_tag(name:\"affected\", value:\"linux-source-2.6.15 vulnerabilities on Ubuntu 6.06 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Tavis Ormandy discovered that the Linux kernel did not properly implement\n exception fixup. A local attacker could exploit this to crash the kernel,\n leading to a denial of service. (CVE-2010-3086)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n\n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation\n did not properly initialize certain structures. A local attacker could\n exploit this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n Dan Rosenberg discovered that the SiS video driver did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4078)\n\n Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver\n did not correctly clear kernel memory. A local attacker could exploit this\n to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,\n CVE-2010-4081)\n\n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n\n James Bottomley discovered that the ICP vortex storage array controller\n driver did not validate certain sizes. A local attacker on a 64bit system\n could exploit this to crash the kernel, leading to a denial of service.\n (CVE-2010-4157)\n\n Dan Rosenberg discovered that the Linux kernel L2TP implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to crash the kernel, or possibly gain root privileges.\n (CVE-2010-4160)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-386\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-686\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-k7\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.93\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-15T16:26:41", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1072-1", "cvss3": {}, "published": "2011-02-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1072-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840594", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840594", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1072_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux vulnerabilities USN-1072-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1072-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840594\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_xref(name:\"USN\", value:\"1072-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-2943\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4248\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1072-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1072-1\");\n script_tag(name:\"affected\", value:\"linux vulnerabilities on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dave Chinner discovered that the XFS filesystem did not correctly order\n inode lookups when exported by NFS. A remote attacker could exploit this to\n read or write disk blocks that had changed file assignment or had become\n unlinked, leading to a loss of privacy. (CVE-2010-2943)\n\n Dan Rosenberg discovered that several network ioctls did not clear kernel\n memory correctly. A local user could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)\n\n Dan Jacobson discovered that ThinkPad video output was not correctly\n access controlled. A local attacker could exploit this to hang the system,\n leading to a denial of service. (CVE-2010-3448)\n\n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2010-3698)\n\n It was discovered that Xen did not correctly clean up threads. A local\n attacker in a guest system could exploit this to exhaust host system\n resources, leading to a denial of service. (CVE-2010-3699)\n\n Brad Spengler discovered that stack memory for new a process was not\n correctly calculated. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-3858)\n\n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n\n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to\n read kernel stack memory, leading to a l ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:26:37", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1072-1", "cvss3": {}, "published": "2011-02-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1072-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840594", "href": "http://plugins.openvas.org/nasl.php?oid=840594", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1072_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux vulnerabilities USN-1072-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dave Chinner discovered that the XFS filesystem did not correctly order\n inode lookups when exported by NFS. A remote attacker could exploit this to\n read or write disk blocks that had changed file assignment or had become\n unlinked, leading to a loss of privacy. (CVE-2010-2943)\n \n Dan Rosenberg discovered that several network ioctls did not clear kernel\n memory correctly. A local user could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)\n \n Dan Jacobson discovered that ThinkPad video output was not correctly\n access controlled. A local attacker could exploit this to hang the system,\n leading to a denial of service. (CVE-2010-3448)\n \n It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2010-3698)\n \n It was discovered that Xen did not correctly clean up threads. A local\n attacker in a guest system could exploit this to exhaust host system\n resources, leading to a denial of serivce. (CVE-2010-3699)\n \n Brad Spengler discovered that stack memory for new a process was not\n correctly calculated. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-3858)\n \n Dan Rosenberg discovered that the Linux kernel TIPC implementation\n contained multiple integer signedness errors. A local attacker could\n exploit this to gain root privileges. (CVE-2010-3859)\n \n Dan Rosenberg discovered that the Linux kernel X.25 implementation\n incorrectly parsed facilities. A remote attacker could exploit this to\n crash the kernel, leading to a denial of service. (CVE-2010-3873)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to\n read kernel stack memory, leading to a l ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1072-1\";\ntag_affected = \"linux vulnerabilities on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1072-1/\");\n script_id(840594);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-28 16:24:14 +0100 (Mon, 28 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_xref(name: \"USN\", value: \"1072-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-2943\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3448\", \"CVE-2010-3698\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4160\", \"CVE-2010-4248\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1072-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-openvz\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-rt\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-xen\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-386\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-generic\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-server\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-virtual\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.86\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:56", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1054-1", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4165", "CVE-2010-0435", "CVE-2010-4169", "CVE-2010-4249"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840579", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840579", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1054_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1054-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840579\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1054-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1054-1\");\n script_tag(name:\"affected\", value:\"linux, linux-ec2 vulnerabilities on Ubuntu 10.04 LTS,\n Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Gleb Napatov discovered that KVM did not correctly check certain\n privileged operations. A local attacker with access to a guest kernel\n could exploit this to crash the host system, leading to a denial of\n service. (CVE-2010-0435)\n\n Steve Chen discovered that setsockopt did not correctly check MSS values.\n A local attacker could make a specially crafted socket call to crash\n the system, leading to a denial of service. (CVE-2010-4165)\n\n Dave Jones discovered that the mprotect system call did not correctly\n handle merged VMAs. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4169)\n\n Vegard Nossum discovered that memory garbage collection was not\n handled correctly for active sockets. A local attacker could exploit\n this to allocate all available kernel memory, leading to a denial of\n service. (CVE-2010-4249)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-virtual\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-virtual\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.35-1025.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.35-25\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.35\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-312-ec2\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-312-ec2\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28-386\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28-generic-pae\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28-generic\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-386\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-generic-pae\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-generic\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-virtual\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-28\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-312\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:27:26", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1054-1", "cvss3": {}, "published": "2011-02-04T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4165", "CVE-2010-0435", "CVE-2010-4169", "CVE-2010-4249"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840579", "href": "http://plugins.openvas.org/nasl.php?oid=840579", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1054_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gleb Napatov discovered that KVM did not correctly check certain\n privileged operations. A local attacker with access to a guest kernel\n could exploit this to crash the host system, leading to a denial of\n service. (CVE-2010-0435)\n\n Steve Chen discovered that setsockopt did not correctly check MSS values.\n A local attacker could make a specially crafted socket call to crash\n the system, leading to a denial of service. (CVE-2010-4165)\n \n Dave Jones discovered that the mprotect system call did not correctly\n handle merged VMAs. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4169)\n \n Vegard Nossum discovered that memory garbage collection was not\n handled correctly for active sockets. A local attacker could exploit\n this to allocate all available kernel memory, leading to a denial of\n service. (CVE-2010-4249)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1054-1\";\ntag_affected = \"linux, linux-ec2 vulnerabilities on Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1054-1/\");\n script_id(840579);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-04 14:19:53 +0100 (Fri, 04 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1054-1\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1054-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-virtual\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-virtual\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.35-1025.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.35-25\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.35\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-312-ec2\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-312-ec2\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28-386\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28-generic-pae\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28-generic\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-386\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-generic-pae\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-generic\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-28-virtual\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-28\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-312\", ver:\"2.6.32-312.24\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-28\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-28-generic-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-28-generic-pae-di\", ver:\"2.6.32-28.55\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:19", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1081-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1081-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-4649", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4342"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840599", "href": "http://plugins.openvas.org/nasl.php?oid=840599", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1081_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux vulnerabilities USN-1081-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n\n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n Dan Rosenberg discovered that the ivtv V4L driver did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n \n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n \n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n \n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n \n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n \n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit t ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1081-1\";\ntag_affected = \"linux vulnerabilities on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1081-1/\");\n script_id(840599);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1081-1\");\n script_cve_id(\"CVE-2010-3698\", \"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4079\", \"CVE-2010-4083\", \"CVE-2010-4248\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1081-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.35-1027.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.35\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:30", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1081-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1081-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-4649", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-4342"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840599", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840599", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1081_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux vulnerabilities USN-1081-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1081-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840599\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1081-1\");\n script_cve_id(\"CVE-2010-3698\", \"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4079\", \"CVE-2010-4083\", \"CVE-2010-4248\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1081-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1081-1\");\n script_tag(name:\"affected\", value:\"linux vulnerabilities on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that KVM did not correctly initialize certain CPU\n registers. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-3698)\n\n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n Dan Rosenberg discovered that the ivtv V4L driver did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n\n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n\n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit t ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic-pae\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-generic\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-27-virtual\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.35-1027.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-27\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.35\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-generic-pae-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-27-virtual-di\", ver:\"2.6.35-27.48\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:56", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2126-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231068662", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231068662", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2126_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2126-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.68662\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3067\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3448\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4164\");\n script_name(\"Debian Security Advisory DSA 2126-1 (linux-2.6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB5\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202126-1\");\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a privilege escalation, denial of service or information leak. For details, please visit the referenced security advisories.\n\nFor the stable distribution (lenny), this problem has been fixed in version\n2.6.26-26lenny1.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your linux-2.6 and user-mode-linux packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:40", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2126-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:68662", "href": "http://plugins.openvas.org/nasl.php?oid=68662", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2126_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2126-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that may lead\nto a privilege escalation, denial of service or information leak. For details, please visit the referenced security advisories.\n\nFor the stable distribution (lenny), this problem has been fixed in version\n2.6.26-26lenny1.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 2126-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202126-1\";\n\n\nif(description)\n{\n script_id(68662);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 17:55:59 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3067\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3448\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3873\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4078\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4164\");\n script_name(\"Debian Security Advisory DSA 2126-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-generic\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-26lenny1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-10-09T15:25:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4163", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4165", "CVE-2010-3437", "CVE-2010-4082", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-4078", "CVE-2010-4175", "CVE-2010-3861"], "modified": "2019-10-07T00:00:00", "id": "OPENVAS:1361412562310850156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850156", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:002\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850156\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"SUSE-SA\", value:\"2011-002\");\n script_cve_id(\"CVE-2010-3067\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4160\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4175\", \"CVE-2010-4258\");\n script_name(\"SuSE Update for kernel SUSE-SA:2011:002\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.2\");\n script_tag(name:\"impact\", value:\"potential local privilege escalation\");\n script_tag(name:\"affected\", value:\"kernel on openSUSE 11.2\");\n script_tag(name:\"insight\", value:\"This update of the openSUSE 11.2 kernel fixes various bugs\n and lots of security issues.\n\n The following security issues have been fixed:\n CVE-2010-4258: A local attacker could use a Oops (kernel crash) caused\n by other flaws to write a 0 byte to a attacker controlled address in the\n kernel. This could lead to privilege escalation together with other issues.\n\n CVE-2010-4160: A overflow in sendto() and recvfrom() routines was fixed\n that could be used by local attackers to potentially crash the kernel\n using some socket families like L2TP.\n\n CVE-2010-4157: A 32bit vs 64bit integer mismatch in gdth_ioctl_alloc\n could lead to memory corruption in the GDTH driver.\n\n CVE-2010-4165: The do_tcp_setsockopt function in net/ipv4/tcp.c in the\n Linux kernel did not properly restrict TCP_MAXSEG (aka MSS) values, which\n allows local users to cause a denial of service (OOPS) via a setsockopt\n call that specifies a small value, leading to a divide-by-zero error or\n incorrect use of a signed integer.\n\n CVE-2010-4164: A remote (or local) attacker communicating over X.25\n could cause a kernel panic by attempting to negotiate malformed\n facilities.\n\n CVE-2010-4175: A local attacker could cause memory overruns in the RDS\n protocol stack, potentially crashing the kernel. So far it is considered\n not to be exploitable.\n\n CVE-2010-3874: A minor heap overflow in the CAN network module was fixed.\n Due to nature of the memory allocator it is likely not exploitable.\n\n CVE-2010-3874: A minor heap overflow in the CAN network module was fixed.\n Due to nature of the memory allocator it is likely not exploitable.\n\n CVE-2010-4158: A memory information leak in Berkeley packet filter rules\n allowed local attackers to read uninitialized memory of the kernel stack.\n\n CVE-2010-4162: A local denial of service in the blockdevice layer was fixed.\n\n CVE-2010-4163: By submitting certain I/O requests with 0 length, a local\n user could have caused a kernel panic.\n\n CVE-2010-3861: The ethtool_get_rxnfc function in net/core/ethtool.c\n in the Linux kernel did not initialize a certain block of heap memory,\n which allowed local users to obtain potentially sensitive information via\n an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value.\n\n CVE-2010-3442: Multiple integer overflows in the snd_ctl_new function\n in sound/core/control.c in the Linux kernel allowed local users to\n cause a denial of service (heap memory corruption) or possibly have\n unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or\n (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl ca ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE11.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.1_2.6.31.14_0.6~6.9.39\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.1_2.6.31.14_0.6~6.9.39\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-12T11:18:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:002", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4163", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4165", "CVE-2010-3437", "CVE-2010-4082", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-4078", "CVE-2010-4175", "CVE-2010-3861"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850156", "href": "http://plugins.openvas.org/nasl.php?oid=850156", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:002\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This update of the openSUSE 11.2 kernel fixes various bugs\n and lots of security issues.\n\n Following security issues have been fixed:\n CVE-2010-4258: A local attacker could use a Oops (kernel crash) caused\n by other flaws to write a 0 byte to a attacker controlled address in the\n kernel. This could lead to privilege escalation together with other issues.\n\n CVE-2010-4160: A overflow in sendto() and recvfrom() routines was fixed\n that could be used by local attackers to potentially crash the kernel\n using some socket families like L2TP.\n\n CVE-2010-4157: A 32bit vs 64bit integer mismatch in gdth_ioctl_alloc\n could lead to memory corruption in the GDTH driver.\n\n CVE-2010-4165: The do_tcp_setsockopt function in net/ipv4/tcp.c in the\n Linux kernel did not properly restrict TCP_MAXSEG (aka MSS) values, which\n allows local users to cause a denial of service (OOPS) via a setsockopt\n call that specifies a small value, leading to a divide-by-zero error or\n incorrect use of a signed integer.\n\n CVE-2010-4164: A remote (or local) attacker communicating over X.25\n could cause a kernel panic by attempting to negotiate malformed\n facilities.\n\n CVE-2010-4175: A local attacker could cause memory overruns in the RDS\n protocol stack, potentially crashing the kernel. So far it is considered\n not to be exploitable.\n\n CVE-2010-3874: A minor heap overflow in the CAN network module was fixed.\n Due to nature of the memory allocator it is likely not exploitable.\n\n CVE-2010-3874: A minor heap overflow in the CAN network module was fixed.\n Due to nature of the memory allocator it is likely not exploitable.\n\n CVE-2010-4158: A memory information leak in Berkeley packet filter rules\n allowed local attackers to read uninitialized memory of the kernel stack.\n\n CVE-2010-4162: A local denial of service in the blockdevice layer was fixed.\n\n CVE-2010-4163: By submitting certain I/O requests with 0 length, a local\n user could have caused a kernel panic.\n\n CVE-2010-3861: The ethtool_get_rxnfc function in net/core/ethtool.c\n in the Linux kernel did not initialize a certain block of heap memory,\n which allowed local users to obtain potentially sensitive information via\n an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value.\n\n CVE-2010-3442: Multiple integer overflows in the snd_ctl_new function\n in sound/core/control.c in the Linux kernel allowed local users to\n cause a denial of service (heap memory corruption) or possibly have\n unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or\n (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl ca ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_impact = \"potential local privilege escalation\";\ntag_affected = \"kernel on openSUSE 11.2\";\n\n\nif(description)\n{\n script_id(850156);\n script_version(\"$Revision: 8041 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 08:28:21 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2011-002\");\n script_cve_id(\"CVE-2010-3067\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4160\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4175\", \"CVE-2010-4258\");\n script_name(\"SuSE Update for kernel SUSE-SA:2011:002\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.31.14~0.6.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.1_2.6.31.14_0.6~6.9.39\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.1_2.6.31.14_0.6~6.9.39\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-10-09T15:25:49", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:001", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4163", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4347", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-4175", "CVE-2010-3861"], "modified": "2019-10-07T00:00:00", "id": "OPENVAS:1361412562310850157", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850157", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:001\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850157\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"SUSE-SA\", value:\"2011-001\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3067\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4175\", \"CVE-2010-4258\", \"CVE-2010-4347\");\n script_name(\"SuSE Update for kernel SUSE-SA:2011:001\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE11\\.3\");\n script_tag(name:\"impact\", value:\"local privilege escalation, remote denial of service\");\n script_tag(name:\"affected\", value:\"kernel on openSUSE 11.3\");\n script_tag(name:\"insight\", value:\"The openSUSE 11.3 kernel was updated to fix various bugs and security\n issues.\n\n The following security issues have been fixed:\n CVE-2010-4347: A local user could inject ACPI code into the kernel\n via the world-writable 'custom_debug' file, allowing local privilege\n escalation.\n\n CVE-2010-4258: A local attacker could use a Oops (kernel crash) caused\n by other flaws to write a 0 byte to a attacker controlled address\n in the kernel. This could lead to privilege escalation together with\n other issues.\n\n CVE-2010-4157: A 32bit vs 64bit integer mismatch in gdth_ioctl_alloc\n could lead to memory corruption in the GDTH driver.\n\n CVE-2010-4165: The do_tcp_setsockopt function in net/ipv4/tcp.c\n in the Linux kernel did not properly restrict TCP_MAXSEG (aka MSS)\n values, which allows local users to cause a denial of service (OOPS)\n via a setsockopt call that specifies a small value, leading to a\n divide-by-zero error or incorrect use of a signed integer.\n\n CVE-2010-4164: A remote (or local) attacker communicating over X.25\n could cause a kernel panic by attempting to negotiate malformed\n facilities.\n\n CVE-2010-4175: A local attacker could cause memory overruns in the\n RDS protocol stack, potentially crashing the kernel. So far it is\n considered not to be exploitable.\n\n CVE-2010-4169: Use-after-free vulnerability in mm/mprotect.c in the\n Linux kernel allowed local users to cause a denial of service via\n vectors involving an mprotect system call.\n\n CVE-2010-3874: A minor heap overflow in the CAN network module\n was fixed. Due to nature of the memory allocator it is likely not\n exploitable.\n\n CVE-2010-4158: A memory information leak in Berkeley packet filter\n rules allowed local attackers to read uninitialized memory of the\n kernel stack.\n\n CVE-2010-4162: A local denial of service in the blockdevice layer\n was fixed.\n\n CVE-2010-4163: By submitting certain I/O requests with 0 length,\n a local user could have caused a kernel panic.\n\n CVE-2010-0435: The Hypervisor in KVM 83, when the Intel VT-x extension\n is enabled, allows guest OS users to cause a denial of service\n (NULL pointer dereference and host OS crash) via vectors related to\n instruction emulation.\n\n CVE-2010-3861: The ethtool_get_rxnfc function in net/core/ethtool.c\n in the Linux kernel did not initialize a certain block of heap memory,\n which allowed local users to obtain potentially sensitive information\n via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt\n value.\n\n CVE-2010-3442: Multiple integer overflows in the snd_ctl_ne ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-extra\", rpm:\"kernel-ec2-extra~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi-devel\", rpm:\"kernel-vmi-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.1_k2.6.34.7_0.7~19.1.11\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.1_k2.6.34.7_0.7~19.1.11\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-12T11:19:33", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:001", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4163", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4347", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-4175", "CVE-2010-3861"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850157", "href": "http://plugins.openvas.org/nasl.php?oid=850157", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:001\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The openSUSE 11.3 kernel was updated to fix various bugs and security\n issues.\n\n Following security issues have been fixed:\n CVE-2010-4347: A local user could inject ACPI code into the kernel\n via the world-writable "custom_debug" file, allowing local privilege\n escalation.\n\n CVE-2010-4258: A local attacker could use a Oops (kernel crash) caused\n by other flaws to write a 0 byte to a attacker controlled address\n in the kernel. This could lead to privilege escalation together with\n other issues.\n\n CVE-2010-4157: A 32bit vs 64bit integer mismatch in gdth_ioctl_alloc\n could lead to memory corruption in the GDTH driver.\n\n CVE-2010-4165: The do_tcp_setsockopt function in net/ipv4/tcp.c\n in the Linux kernel did not properly restrict TCP_MAXSEG (aka MSS)\n values, which allows local users to cause a denial of service (OOPS)\n via a setsockopt call that specifies a small value, leading to a\n divide-by-zero error or incorrect use of a signed integer.\n\n CVE-2010-4164: A remote (or local) attacker communicating over X.25\n could cause a kernel panic by attempting to negotiate malformed\n facilities.\n\n CVE-2010-4175: A local attacker could cause memory overruns in the\n RDS protocol stack, potentially crashing the kernel. So far it is\n considered not to be exploitable.\n\n CVE-2010-4169: Use-after-free vulnerability in mm/mprotect.c in the\n Linux kernel allowed local users to cause a denial of service via\n vectors involving an mprotect system call.\n\n CVE-2010-3874: A minor heap overflow in the CAN network module\n was fixed. Due to nature of the memory allocator it is likely not\n exploitable.\n\n CVE-2010-4158: A memory information leak in Berkeley packet filter\n rules allowed local attackers to read uninitialized memory of the\n kernel stack.\n\n CVE-2010-4162: A local denial of service in the blockdevice layer\n was fixed.\n\n CVE-2010-4163: By submitting certain I/O requests with 0 length,\n a local user could have caused a kernel panic.\n\n CVE-2010-0435: The Hypervisor in KVM 83, when the Intel VT-x extension\n is enabled, allows guest OS users to cause a denial of service\n (NULL pointer dereference and host OS crash) via vectors related to\n instruction emulation.\n\n CVE-2010-3861: The ethtool_get_rxnfc function in net/core/ethtool.c\n in the Linux kernel did not initialize a certain block of heap memory,\n which allowed local users to obtain potentially sensitive information\n via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt\n value.\n\n CVE-2010-3442: Multiple integer overflows in the snd_ctl_ne ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_impact = \"local privilege escalation, remote denial of service\";\ntag_affected = \"kernel on openSUSE 11.3\";\n\n\nif(description)\n{\n script_id(850157);\n script_version(\"$Revision: 8041 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-08 08:28:21 +0100 (Fri, 08 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2011-001\");\n script_cve_id(\"CVE-2010-0435\", \"CVE-2010-3067\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4078\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4175\", \"CVE-2010-4258\", \"CVE-2010-4347\");\n script_name(\"SuSE Update for kernel SUSE-SA:2011:001\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.3\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-extra\", rpm:\"kernel-ec2-extra~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi\", rpm:\"kernel-vmi~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi-base\", rpm:\"kernel-vmi-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vmi-devel\", rpm:\"kernel-vmi-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.34.7~0.7.1\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.1_k2.6.34.7_0.7~19.1.11\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.1_k2.6.34.7_0.7~19.1.11\", rls:\"openSUSE11.3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-08-08T14:18:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-05T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0007-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2010-2492", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4525", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4162", "CVE-2010-4263", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-3080", "CVE-2010-3298", "CVE-2010-4077", "CVE-2010-3861", "CVE-2010-4075"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870652", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870652", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0007-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00005.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870652\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-05 19:31:50 +0530 (Tue, 05 Jun 2012)\");\n script_cve_id(\"CVE-2010-2492\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3080\",\n \"CVE-2010-3298\", \"CVE-2010-3477\", \"CVE-2010-3861\", \"CVE-2010-3865\",\n \"CVE-2010-3874\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4072\",\n \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4075\", \"CVE-2010-4077\",\n \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\",\n \"CVE-2010-4083\", \"CVE-2010-4158\", \"CVE-2010-4160\", \"CVE-2010-4162\",\n \"CVE-2010-4163\", \"CVE-2010-4242\", \"CVE-2010-4248\", \"CVE-2010-4249\",\n \"CVE-2010-4263\", \"CVE-2010-4525\", \"CVE-2010-4668\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0007-01\");\n script_name(\"RedHat Update for kernel RHSA-2011:0007-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"* Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable\n permissions (which it does not, by default, on Red Hat Enterprise Linux 6),\n a local, unprivileged user could use this flaw to cause a denial of service\n or possibly escalate their privileges. (CVE-2010-2492, Important)\n\n * Integer overflow in the RDS protocol implementation could allow a local,\n unprivileged user to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n\n * Missing boundary checks in the PPP over L2TP sockets implementation could\n allow a local, unprivileged user to cause a denial of service or escalate\n their privileges. (CVE-2010-4160, Important)\n\n * NULL pointer dereference in the igb driver. If both Single Root I/O\n Virtualization (SR-IOV) and promiscuous mode were enabled on an interface\n using igb, it could result in a denial of service when a tagged VLAN packet\n is received on that interface. (CVE-2010-4263, Important)\n\n * Missing initialization flaw in the XFS file system implementation, and in\n the network traffic policing implementation, could allow a local,\n unprivileged user to cause an information leak. (CVE-2010-3078,\n CVE-2010-3477, Moderate)\n\n * NULL pointer dereference in the Open Sound System compatible sequencer\n driver could allow a local, unprivileged user with access to /dev/sequencer\n to cause a denial of service. /dev/sequencer is only accessible to root and\n users in the audio group by default. (CVE-2010-3080, Moderate)\n\n * Flaw in the ethtool IOCTL handler could allow a local user to cause an\n information leak. (CVE-2010-3861, Moderate)\n\n * Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast\n Manager. On 64-bit systems, writing the socket address may overflow the\n procname character array. (CVE-2010-3874, Moderate)\n\n * Flaw in the module for monitoring the sockets of INET transport\n protocols could allow a local, unprivileged user to cause a denial of\n service. (CVE-2010-3880, Moderate)\n\n * Missing boundary checks in the block layer implementation could allow a\n local, unprivileged user to cause a denial of service. (CVE-2010-4162,\n CVE-2010-4163, CVE-2010-4668, Moderate)\n\n * NULL pointer dereference in the Bluetooth HCI UART driver could allow a\n local, unprivileged user to cause a denial of service. (CVE-2010-4242,\n Moderate)\n\n * Flaw in the Linux kernel CPU time clocks implementation for the POSIX\n clock interface could allow a local, unprivileged user to caus ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:58:08", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2012-06-05T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0007-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2010-2492", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4525", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4162", "CVE-2010-4263", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-3080", "CVE-2010-3298", "CVE-2010-4077", "CVE-2010-3861", "CVE-2010-4075"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:870652", "href": "http://plugins.openvas.org/nasl.php?oid=870652", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0007-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"* Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable\n permissions (which it does not, by default, on Red Hat Enterprise Linux 6),\n a local, unprivileged user could use this flaw to cause a denial of service\n or possibly escalate their privileges. (CVE-2010-2492, Important)\n\n * Integer overflow in the RDS protocol implementation could allow a local,\n unprivileged user to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n\n * Missing boundary checks in the PPP over L2TP sockets implementation could\n allow a local, unprivileged user to cause a denial of service or escalate\n their privileges. (CVE-2010-4160, Important)\n\n * NULL pointer dereference in the igb driver. If both Single Root I/O\n Virtualization (SR-IOV) and promiscuous mode were enabled on an interface\n using igb, it could result in a denial of service when a tagged VLAN packet\n is received on that interface. (CVE-2010-4263, Important)\n\n * Missing initialization flaw in the XFS file system implementation, and in\n the network traffic policing implementation, could allow a local,\n unprivileged user to cause an information leak. (CVE-2010-3078,\n CVE-2010-3477, Moderate)\n\n * NULL pointer dereference in the Open Sound System compatible sequencer\n driver could allow a local, unprivileged user with access to /dev/sequencer\n to cause a denial of service. /dev/sequencer is only accessible to root and\n users in the audio group by default. (CVE-2010-3080, Moderate)\n\n * Flaw in the ethtool IOCTL handler could allow a local user to cause an\n information leak. (CVE-2010-3861, Moderate)\n\n * Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast\n Manager. On 64-bit systems, writing the socket address may overflow the\n procname character array. (CVE-2010-3874, Moderate)\n\n * Flaw in the module for monitoring the sockets of INET transport\n protocols could allow a local, unprivileged user to cause a denial of\n service. (CVE-2010-3880, Moderate)\n\n * Missing boundary checks in the block layer implementation could allow a\n local, unprivileged user to cause a denial of service. (CVE-2010-4162,\n CVE-2010-4163, CVE-2010-4668, Moderate)\n\n * NULL pointer dereference in the Bluetooth HCI UART driver could allow a\n local, unprivileged user to cause a denial of service. (CVE-2010-4242,\n Moderate)\n\n * Flaw in the Linux kernel CPU time clocks implementation for the POSIX\n clock interface could allow a local, unprivileged user to caus ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00005.html\");\n script_id(870652);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-05 19:31:50 +0530 (Tue, 05 Jun 2012)\");\n script_cve_id(\"CVE-2010-2492\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3080\",\n \"CVE-2010-3298\", \"CVE-2010-3477\", \"CVE-2010-3861\", \"CVE-2010-3865\",\n \"CVE-2010-3874\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4072\",\n \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4075\", \"CVE-2010-4077\",\n \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\",\n \"CVE-2010-4083\", \"CVE-2010-4158\", \"CVE-2010-4160\", \"CVE-2010-4162\",\n \"CVE-2010-4163\", \"CVE-2010-4242\", \"CVE-2010-4248\", \"CVE-2010-4249\",\n \"CVE-2010-4263\", \"CVE-2010-4525\", \"CVE-2010-4668\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0007-01\");\n script_name(\"RedHat Update for kernel RHSA-2011:0007-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~71.14.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:49", "description": "Oracle Linux Local Security Checks ELSA-2011-2010", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-2010", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4668", "CVE-2010-4165", "CVE-2010-4169", "CVE-2010-4249"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122217", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-2010.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122217\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:14:56 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-2010\");\n script_tag(name:\"insight\", value:\"ELSA-2011-2010 - Oracle Linux 6 Unbreakable Enterprise kernel security fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-2010\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-2010.html\");\n script_cve_id(\"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4249\", \"CVE-2010-4668\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~100.28.9.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~100.28.9.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~100.28.9.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~100.28.9.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~100.28.9.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~100.28.9.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~100.28.9.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~100.28.9.el5~1.5.1~4.0.28\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~100.28.9.el5debug~1.5.1~4.0.28\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~100.28.9.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~100.28.9.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~100.28.9.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~100.28.9.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~100.28.9.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~100.28.9.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~100.28.9.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:11", "description": "Oracle Linux Local Security Checks ELSA-2011-0004", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0004", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122285", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122285", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0004.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122285\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:59 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0004\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0004 - kernel security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0004\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0004.html\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.32.1.0.1.el5~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.32.1.0.1.el5PAE~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.32.1.0.1.el5debug~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.32.1.0.1.el5xen~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.32.1.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.32.1.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.32.1.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.32.1.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:57:18", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0004 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:881254", "href": "http://plugins.openvas.org/nasl.php?oid=881254", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0004 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n \n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n \n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n \n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n \n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n \n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n \n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n \n * It was found that a malic ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017222.html\");\n script_id(881254);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:12:07 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\",\n \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\",\n \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\",\n \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0004\");\n script_name(\"CentOS Update for kernel CESA-2011:0004 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0004-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870374", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870374", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0004-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00002.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870374\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0004-01\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_name(\"RedHat Update for kernel RHSA-2011:0004-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n\n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n\n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n\n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n\n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n\n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n\n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n\n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-25T10:55:38", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0004 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880516", "href": "http://plugins.openvas.org/nasl.php?oid=880516", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0004 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n \n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n \n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n \n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n \n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n \n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n \n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n \n * It was found that a malic ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017221.html\");\n script_id(880516);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0004\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_name(\"CentOS Update for kernel CESA-2011:0004 centos5 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:31", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-01-11T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0004-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870374", "href": "http://plugins.openvas.org/nasl.php?oid=870374", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0004-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n \n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n \n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n \n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n \n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n \n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n \n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00002.html\");\n script_id(870374);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-11 16:07:49 +0100 (Tue, 11 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0004-01\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_name(\"RedHat Update for kernel RHSA-2011:0004-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0004 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880516", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880516", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0004 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017221.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880516\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0004\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\", \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_name(\"CentOS Update for kernel CESA-2011:0004 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n\n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n\n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n\n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n\n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n\n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n\n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n\n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n\n * It was found that a malic ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0004 centos5 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881254", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0004 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017222.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881254\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:12:07 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3699\", \"CVE-2010-3858\",\n \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\", \"CVE-2010-3880\",\n \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4161\", \"CVE-2010-4242\",\n \"CVE-2010-4247\", \"CVE-2010-4248\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0004\");\n script_name(\"CentOS Update for kernel CESA-2011:0004 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in sctp_packet_config() in the Linux kernel's Stream\n Control Transmission Protocol (SCTP) implementation. A remote attacker\n could use this flaw to cause a denial of service. (CVE-2010-3432,\n Important)\n\n * A missing integer overflow check was found in snd_ctl_new() in the Linux\n kernel's sound subsystem. A local, unprivileged user on a 32-bit system\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3442, Important)\n\n * A heap overflow flaw in the Linux kernel's Transparent Inter-Process\n Communication protocol (TIPC) implementation could allow a local,\n unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n * An integer overflow flaw was found in the Linux kernel's Reliable\n Datagram Sockets (RDS) protocol implementation. A local, unprivileged user\n could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-3865, Important)\n\n * A flaw was found in the Xenbus code for the unified block-device I/O\n interface back end. A privileged guest user could use this flaw to cause a\n denial of service on the host system running the Xen hypervisor.\n (CVE-2010-3699, Moderate)\n\n * Missing sanity checks were found in setup_arg_pages() in the Linux\n kernel. When making the size of the argument and environment area on the\n stack very large, it could trigger a BUG_ON(), resulting in a local denial\n of service. (CVE-2010-3858, Moderate)\n\n * A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\n monitoring the sockets of INET transport protocols. By sending a netlink\n message with certain bytecode, a local, unprivileged user could cause a\n denial of service. (CVE-2010-3880, Moderate)\n\n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit\n system could use this flaw to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n * The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\n introduced a regression. A local, unprivileged user could use this flaw to\n cause a denial of service. (CVE-2010-4161, Moderate)\n\n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n\n * It was found that a malic ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.32.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0162 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881399", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881399", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0162 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017246.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881399\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:44:54 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3859\", \"CVE-2010-3876\", \"CVE-2010-4072\", \"CVE-2010-4073\",\n \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4083\", \"CVE-2010-4157\",\n \"CVE-2010-4158\", \"CVE-2010-4242\", \"CVE-2010-4249\", \"CVE-2010-4258\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0162\");\n script_name(\"CentOS Update for kernel CESA-2011:0162 centos4 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A heap overflow flaw was found in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC) implementation. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3859, Important)\n\n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit\n system could use these flaws to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n\n * A flaw was found in the Linux kernel's garbage collector for AF_UNIX\n sockets. A local, unprivileged user could use this flaw to trigger a\n denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n * Missing initialization flaws were found in the Linux kernel. A local,\n unprivileged user could use these flaws to cause information leaks.\n (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\n CVE-2010-4083, CVE-2010-4158, Low)\n\n Red Hat would like to thank Alan Cox for reporting CVE-2010-4242, Vegard\n Nossum for reporting CVE-2010-4249, Vasiliy Kulikov for reporting\n CVE-2010-3876, Kees Cook for reporting CVE-2010-4072, and Dan Rosenberg for\n reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\n CVE-2010-4158.\n\n This update also fixes the following bugs:\n\n * A flaw was found in the Linux kernel where, if used in conjunction with\n another flaw that can result in a kernel Oops, could possibly lead to\n privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\n sysctl panic_on_oops variable is turned on by default. However, as a\n preventive measure if the variable is turned off by an administrator, this\n update addresses the issue. Red Hat would like to thank Nelson Elhage for\n reporting this vulnerability. (BZ#659568)\n\n * On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\n achieved by using page-based sk_buff buffers without any packet split. The\n entire frame data is copied to the page(s) rather than some to the\n skb->data area and some to the page(s) when performing a typical\n packet-split. This caused problems with the filtering code and frames were\n getting dropped before they were received by list ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0162-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870380", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870380", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0162-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870380\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0162-01\");\n script_cve_id(\"CVE-2010-3859\", \"CVE-2010-3876\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4242\", \"CVE-2010-4249\", \"CVE-2010-4258\");\n script_name(\"RedHat Update for kernel RHSA-2011:0162-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_4\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A heap overflow flaw was found in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC) implementation. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3859, Important)\n\n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit\n system could use these flaws to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n\n * A flaw was found in the Linux kernel's garbage collector for AF_UNIX\n sockets. A local, unprivileged user could use this flaw to trigger a\n denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n * Missing initialization flaws were found in the Linux kernel. A local,\n unprivileged user could use these flaws to cause information leaks.\n (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\n CVE-2010-4083, CVE-2010-4158, Low)\n\n Red Hat would like to thank Alan Cox for reporting CVE-2010-4242, Vegard\n Nossum for reporting CVE-2010-4249, Vasiliy Kulikov for reporting\n CVE-2010-3876, Kees Cook for reporting CVE-2010-4072, and Dan Rosenberg for\n reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\n CVE-2010-4158.\n\n This update also fixes the following bugs:\n\n * A flaw was found in the Linux kernel where, if used in conjunction with\n another flaw that can result in a kernel Oops, could possibly lead to\n privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\n sysctl panic_on_oops variable is turned on by default. However, as a\n preventive measure if the variable is turned off by an administrator, this\n update addresses the issue. Red Hat would like to thank Nelson Elhage for\n reporting this vulnerability. (BZ#659568)\n\n * On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\n achieved by using page-based sk_buff buffers without any packet split. The\n entire frame data is copied to the page(s) rather than some to the\n skb->data area and some to the page(s) when performing a typical\n packet-split. T ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-31T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0162 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880459", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880459", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0162 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-January/017245.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880459\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0162\");\n script_cve_id(\"CVE-2010-3859\", \"CVE-2010-3876\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4242\", \"CVE-2010-4249\", \"CVE-2010-4258\");\n script_name(\"CentOS Update for kernel CESA-2011:0162 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 4\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A heap overflow flaw was found in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC) implementation. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3859, Important)\n\n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit\n system could use these flaws to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n\n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n\n * A flaw was found in the Linux kernel's garbage collector for AF_UNIX\n sockets. A local, unprivileged user could use this flaw to trigger a\n denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n * Missing initialization flaws were found in the Linux kernel. A local,\n unprivileged user could use these flaws to cause information leaks.\n (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\n CVE-2010-4083, CVE-2010-4158, Low)\n\n Red Hat would like to thank Alan Cox for reporting CVE-2010-4242, Vegard\n Nossum for reporting CVE-2010-4249, Vasiliy Kulikov for reporting\n CVE-2010-3876, Kees Cook for reporting CVE-2010-4072, and Dan Rosenberg for\n reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\n CVE-2010-4158.\n\n This update also fixes the following bugs:\n\n * A flaw was found in the Linux kernel where, if used in conjunction with\n another flaw that can result in a kernel Oops, could possibly lead to\n privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\n sysctl panic_on_oops variable is turned on by default. However, as a\n preventive measure if the variable is turned off by an administrator, this\n update addresses the issue. Red Hat would like to thank Nelson Elhage for\n reporting this vulnerability. (BZ#659568)\n\n * On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\n achieved by using page-based sk_buff buffers without any packet split. The\n entire frame data is copied to the page(s) rather than some to the\n skb->data area and some to the page(s) when performing a typical\n packet-split. This caused problems with the filtering code and frames were\n getting dropped before they were received by list ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-11T11:07:33", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0162 centos4 x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:881399", "href": "http://plugins.openvas.org/nasl.php?oid=881399", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0162 centos4 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A heap overflow flaw was found in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC) implementation. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3859, Important)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use these flaws to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n \n * A flaw was found in the Linux kernel's garbage collector for AF_UNIX\n sockets. A local, unprivileged user could use this flaw to trigger a\n denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n \n * Missing initialization flaws were found in the Linux kernel. A local,\n unprivileged user could use these flaws to cause information leaks.\n (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\n CVE-2010-4083, CVE-2010-4158, Low)\n \n Red Hat would like to thank Alan Cox for reporting CVE-2010-4242; Vegard\n Nossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting\n CVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for\n reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\n CVE-2010-4158.\n \n This update also fixes the following bugs:\n \n * A flaw was found in the Linux kernel where, if used in conjunction with\n another flaw that can result in a kernel Oops, could possibly lead to\n privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\n sysctl panic_on_oops variable is turned on by default. However, as a\n preventive measure if the variable is turned off by an administrator, this\n update addresses the issue. Red Hat would like to thank Nelson Elhage for\n reporting this vulnerability. (BZ#659568)\n \n * On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\n achieved by using page-based sk_buff buffers without any packet split. The\n entire frame data is copied to the page(s) rather than some to the\n skb->data area and some to the page(s) when performing a typical\n packet-split. This caused problems with the filtering code and frames were\n getting dropped before they were received by list ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017246.html\");\n script_id(881399);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:44:54 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-3859\", \"CVE-2010-3876\", \"CVE-2010-4072\", \"CVE-2010-4073\",\n \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4083\", \"CVE-2010-4157\",\n \"CVE-2010-4158\", \"CVE-2010-4242\", \"CVE-2010-4249\", \"CVE-2010-4258\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0162\");\n script_name(\"CentOS Update for kernel CESA-2011:0162 centos4 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:18", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0162-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870380", "href": "http://plugins.openvas.org/nasl.php?oid=870380", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0162-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A heap overflow flaw was found in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC) implementation. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3859, Important)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use these flaws to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n \n * A flaw was found in the Linux kernel's garbage collector for AF_UNIX\n sockets. A local, unprivileged user could use this flaw to trigger a\n denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n \n * Missing initialization flaws were found in the Linux kernel. A local,\n unprivileged user could use these flaws to cause information leaks.\n (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\n CVE-2010-4083, CVE-2010-4158, Low)\n \n Red Hat would like to thank Alan Cox for reporting CVE-2010-4242; Vegard\n Nossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting\n CVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for\n reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\n CVE-2010-4158.\n \n This update also fixes the following bugs:\n \n * A flaw was found in the Linux kernel where, if used in conjunction with\n another flaw that can result in a kernel Oops, could possibly lead to\n privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\n sysctl panic_on_oops variable is turned on by default. However, as a\n preventive measure if the variable is turned off by an administrator, this\n update addresses the issue. Red Hat would like to thank Nelson Elhage for\n reporting this vulnerability. (BZ#659568)\n \n * On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\n achieved by using page-based sk_buff buffers without any packet split. The\n entire frame data is copied to the page(s) rather than some to the\n skb->data area and some to the page(s) when performing a typical\n packet-split. T ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00015.html\");\n script_id(870380);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0162-01\");\n script_cve_id(\"CVE-2010-3859\", \"CVE-2010-3876\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4242\", \"CVE-2010-4249\", \"CVE-2010-4258\");\n script_name(\"RedHat Update for kernel RHSA-2011:0162-01\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp\", rpm:\"kernel-largesmp~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-largesmp-devel\", rpm:\"kernel-largesmp-devel~2.6.9~89.35.1.EL\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:57", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-01-31T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0162 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880459", "href": "http://plugins.openvas.org/nasl.php?oid=880459", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2011:0162 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A heap overflow flaw was found in the Linux kernel's Transparent\n Inter-Process Communication protocol (TIPC) implementation. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3859, Important)\n \n * Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\n in the Linux kernel. A local user with access to "/dev/gdth" on a 64-bit\n system could use these flaws to cause a denial of service or escalate their\n privileges. (CVE-2010-4157, Moderate)\n \n * A NULL pointer dereference flaw was found in the Bluetooth HCI UART\n driver in the Linux kernel. A local, unprivileged user could use this flaw\n to cause a denial of service. (CVE-2010-4242, Moderate)\n \n * A flaw was found in the Linux kernel's garbage collector for AF_UNIX\n sockets. A local, unprivileged user could use this flaw to trigger a\n denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n \n * Missing initialization flaws were found in the Linux kernel. A local,\n unprivileged user could use these flaws to cause information leaks.\n (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\n CVE-2010-4083, CVE-2010-4158, Low)\n \n Red Hat would like to thank Alan Cox for reporting CVE-2010-4242; Vegard\n Nossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting\n CVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for\n reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\n CVE-2010-4158.\n \n This update also fixes the following bugs:\n \n * A flaw was found in the Linux kernel where, if used in conjunction with\n another flaw that can result in a kernel Oops, could possibly lead to\n privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\n sysctl panic_on_oops variable is turned on by default. However, as a\n preventive measure if the variable is turned off by an administrator, this\n update addresses the issue. Red Hat would like to thank Nelson Elhage for\n reporting this vulnerability. (BZ#659568)\n \n * On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\n achieved by using page-based sk_buff buffers without any packet split. The\n entire frame data is copied to the page(s) rather than some to the\n skb->data area and some to the page(s) when performing a typical\n packet-split. This caused problems with the filtering code and frames were\n getting dropped before they were received by list ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-January/017245.html\");\n script_id(880459);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-31 15:15:14 +0100 (Mon, 31 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2011:0162\");\n script_cve_id(\"CVE-2010-3859\", \"CVE-2010-3876\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4242\", \"CVE-2010-4249\", \"CVE-2010-4258\");\n script_name(\"CentOS Update for kernel CESA-2011:0162 centos4 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem\", rpm:\"kernel-hugemem~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-hugemem-devel\", rpm:\"kernel-hugemem-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp-devel\", rpm:\"kernel-smp-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU\", rpm:\"kernel-xenU~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xenU-devel\", rpm:\"kernel-xenU-devel~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.9~89.35.1.EL\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:25", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-2", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840601", "href": "http://plugins.openvas.org/nasl.php?oid=840601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_2.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides\n the corresponding updates for the Linux kernel for use with EC2.\n\n Original advisory details:\n \n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n \n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n \n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n \n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n \n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n \n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1080-2\";\ntag_affected = \"linux-ec2 vulnerabilities on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1080-2/\");\n script_id(840601);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1080-2\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:26:52", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1080-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840600", "href": "http://plugins.openvas.org/nasl.php?oid=840600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux vulnerabilities USN-1080-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n \n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n \n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n \n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n \n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n \n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1080-1\";\ntag_affected = \"linux vulnerabilities on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1080-1/\");\n script_id(840600);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1080-1\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1080-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-virtual\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1080-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840600", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840600", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux vulnerabilities USN-1080-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1080-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840600\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1080-1\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux vulnerabilities USN-1080-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1080-1\");\n script_tag(name:\"affected\", value:\"linux vulnerabilities on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n\n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n\n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n\n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-386\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic-pae\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-generic\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-29-virtual\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-29\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-29-generic-pae-di\", ver:\"2.6.32-29.58\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:53", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1080-2", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3865", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-1044", "CVE-2010-4248", "CVE-2010-3880"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840601", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840601", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1080_2.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1080-2/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840601\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1080-2\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4248\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4527\", \"CVE-2010-4649\", \"CVE-2011-1044\");\n script_name(\"Ubuntu Update for linux-ec2 vulnerabilities USN-1080-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1080-2\");\n script_tag(name:\"affected\", value:\"linux-ec2 vulnerabilities on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides\n the corresponding updates for the Linux kernel for use with EC2.\n\n Original advisory details:\n\n Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n It was discovered that multithreaded exec did not handle CPU timers\n correctly. A local attacker could exploit this to crash the system, leading\n to a denial of service. (CVE-2010-4248)\n\n Krishna Gudipati discovered that the bfa adapter driver did not correctly\n initialize certain structures. A local attacker could read files in /sys to\n crash the system, leading to a denial of service. (CVE-2010-4343)\n\n Tavis Ormandy discovered that the install_special_mapping function could\n bypass the mmap_min_addr restriction. A local attacker could exploit this\n to mmap 4096 bytes below the mmap_min_addr area, possibly improving the\n chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\n It was discovered that the ICMP stack did not correctly handle certain\n unreachable messages. If a remote attacker were able to acquire a socket\n lock, they could send specially crafted traffic that would crash the\n system, leading to a denial of service. (CVE-2010-4526)\n\n Dan Rosenberg discovered that the OSS subsystem did not handle name\n termination correctly. A local attacker could exploit this crash the system\n or gain root privileges. (CVE-2010-4527)\n\n Dan Carpenter discovered that the Infiniband driver did not correctly\n handle certain requests. A local user could exploit this to crash the\n system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-313-ec2\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-313\", ver:\"2.6.32-313.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:40", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1164-1", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-fsl-imx51 USN-1164-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1017", "CVE-2011-0521", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4529", "CVE-2010-4346", "CVE-2011-1746", "CVE-2011-0695", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-4082", "CVE-2011-1494", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4656", "CVE-2010-3876", "CVE-2011-0463", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4258", "CVE-2011-0712", "CVE-2011-1747", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4342", "CVE-2011-1593", "CVE-2011-1748", "CVE-2010-4164", "CVE-2011-1745", "CVE-2011-1182", "CVE-2010-4565", "CVE-2010-4655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1164_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-fsl-imx51 USN-1164-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1164-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840693\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1164-1\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4164\", \"CVE-2010-4248\", \"CVE-2010-4258\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2010-4655\", \"CVE-2010-4656\", \"CVE-2011-0463\", \"CVE-2011-0521\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0712\", \"CVE-2011-1017\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1748\");\n script_name(\"Ubuntu Update for linux-fsl-imx51 USN-1164-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1164-1\");\n script_tag(name:\"affected\", value:\"linux-fsl-imx51 on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Dan Rosenberg discovered that the CAN protocol on 64bit systems did not\n correctly calculate the size of certain buffers. A local attacker could\n exploit this to crash the system or possibly execute arbitrary code as the\n root user. (CVE-2010-3874)\n\n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n\n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n\n Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver\n did not correctly clear kernel memory. A local attacker could exploit this\n to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,\n CVE-2010-4081)\n\n Dan Rosenberg discovered that the VIA video driver did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4082)\n\n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n\n James Bottomley discovered that the ICP vortex storage array controller\n driver did not validate certain sizes. A local attacker on a 64bit system\n could exploit this to crash the kernel, leading to a denial of service.\n (CVE-2010-4157)\n\n Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If\n a system was using X.25, a remote attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4164)\n\n It was discovered that multithreaded exec did not handle CPU timers\n c ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-609-imx51\", ver:\"2.6.31-609.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:27:37", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1164-1", "cvss3": {}, "published": "2011-07-08T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-fsl-imx51 USN-1164-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1017", "CVE-2011-0521", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4529", "CVE-2010-4346", "CVE-2011-1746", "CVE-2011-0695", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-4082", "CVE-2011-1494", "CVE-2010-4080", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4656", "CVE-2010-3876", "CVE-2011-0463", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4258", "CVE-2011-0712", "CVE-2011-1747", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4342", "CVE-2011-1593", "CVE-2011-1748", "CVE-2010-4164", "CVE-2011-1745", "CVE-2011-1182", "CVE-2010-4565", "CVE-2010-4655"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840693", "href": "http://plugins.openvas.org/nasl.php?oid=840693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1164_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-fsl-imx51 USN-1164-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Thomas Pollet discovered that the RDS network protocol did not check\n certain iovec buffers. A local attacker could exploit this to crash the\n system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\n Dan Rosenberg discovered that the CAN protocol on 64bit systems did not\n correctly calculate the size of certain buffers. A local attacker could\n exploit this to crash the system or possibly execute arbitrary code as the\n root user. (CVE-2010-3874)\n \n Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did\n not correctly clear kernel memory. A local attacker could exploit this to\n read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n \n Vasiliy Kulikov discovered that the Linux kernel sockets implementation did\n not properly initialize certain structures. A local attacker could exploit\n this to read kernel stack memory, leading to a loss of privacy.\n (CVE-2010-3876)\n \n Vasiliy Kulikov discovered that the TIPC interface did not correctly\n initialize certain structures. A local attacker could exploit this to read\n kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n \n Nelson Elhage discovered that the Linux kernel IPv4 implementation did not\n properly audit certain bytecodes in netlink messages. A local attacker\n could exploit this to cause the kernel to hang, leading to a denial of\n service. (CVE-2010-3880)\n \n Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver\n did not correctly clear kernel memory. A local attacker could exploit this\n to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080,\n CVE-2010-4081)\n \n Dan Rosenberg discovered that the VIA video driver did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4082)\n \n Dan Rosenberg discovered that the semctl syscall did not correctly clear\n kernel memory. A local attacker could exploit this to read kernel stack\n memory, leading to a loss of privacy. (CVE-2010-4083)\n \n James Bottomley discovered that the ICP vortex storage array controller\n driver did not validate certain sizes. A local attacker on a 64bit system\n could exploit this to crash the kernel, leading to a denial of service.\n (CVE-2010-4157)\n \n Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If\n a system was using X.25, a remote attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-4164)\n \n It was discovered that multithreaded exec did not handle CPU timers\n c ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1164-1\";\ntag_affected = \"linux-fsl-imx51 on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1164-1/\");\n script_id(840693);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1164-1\");\n script_cve_id(\"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4164\", \"CVE-2010-4248\", \"CVE-2010-4258\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2010-4655\", \"CVE-2010-4656\", \"CVE-2011-0463\", \"CVE-2011-0521\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0712\", \"CVE-2011-1017\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1748\");\n script_name(\"Ubuntu Update for linux-fsl-imx51 USN-1164-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-609-imx51\", ver:\"2.6.31-609.26\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:35", "description": "Oracle Linux Local Security Checks ELSA-2011-0007", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0007", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-2492", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4525", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-2803", "CVE-2010-3084", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-4077", "CVE-2010-3861", "CVE-2010-4075", "CVE-2010-3301"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122244", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0007.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122244\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:22 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0007\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0007 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0007\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0007.html\");\n script_cve_id(\"CVE-2010-2492\", \"CVE-2010-2803\", \"CVE-2010-2955\", \"CVE-2010-2962\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3084\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3477\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-3904\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4075\", \"CVE-2010-4077\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4158\", \"CVE-2010-4160\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4242\", \"CVE-2010-4248\", \"CVE-2010-4249\", \"CVE-2010-4263\", \"CVE-2010-4525\", \"CVE-2010-4668\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0283-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4165", "CVE-2010-4169", "CVE-2010-4243"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870664", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870664", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0283-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-February/msg00026.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870664\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:44:39 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4243\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0283-01\");\n script_name(\"RedHat Update for kernel RHSA-2011:0283-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A divide-by-zero flaw was found in the tcp_select_initial_window()\n function in the Linux kernel's TCP/IP protocol suite implementation. A\n local, unprivileged user could use this flaw to trigger a denial of service\n by calling setsockopt() with certain options. (CVE-2010-4165, Moderate)\n\n * A use-after-free flaw in the mprotect() system call in the Linux kernel\n could allow a local, unprivileged user to cause a local denial of service.\n (CVE-2010-4169, Moderate)\n\n * A flaw was found in the Linux kernel execve() system call implementation.\n A local, unprivileged user could cause large amounts of memory to be\n allocated but not visible to the OOM (Out of Memory) killer, triggering a\n denial of service. (CVE-2010-4243, Moderate)\n\n Red Hat would like to thank Steve Chen for reporting CVE-2010-4165, and\n Brad Spengler for reporting CVE-2010-4243.\n\n This update also fixes several bugs and adds two enhancements.\n Documentation for these bug fixes and enhancements will be available\n shortly from the Technical Notes document linked to in the References\n section.\n\n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues, and fix the bugs and add the enhancements\n noted in the Technical Notes. The system must be rebooted for this update\n to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:57:25", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2012-07-09T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0283-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4165", "CVE-2010-4169", "CVE-2010-4243"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:870664", "href": "http://plugins.openvas.org/nasl.php?oid=870664", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2011:0283-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A divide-by-zero flaw was found in the tcp_select_initial_window()\n function in the Linux kernel's TCP/IP protocol suite implementation. A\n local, unprivileged user could use this flaw to trigger a denial of service\n by calling setsockopt() with certain options. (CVE-2010-4165, Moderate)\n\n * A use-after-free flaw in the mprotect() system call in the Linux kernel\n could allow a local, unprivileged user to cause a local denial of service.\n (CVE-2010-4169, Moderate)\n\n * A flaw was found in the Linux kernel execve() system call implementation.\n A local, unprivileged user could cause large amounts of memory to be\n allocated but not visible to the OOM (Out of Memory) killer, triggering a\n denial of service. (CVE-2010-4243, Moderate)\n\n Red Hat would like to thank Steve Chen for reporting CVE-2010-4165, and\n Brad Spengler for reporting CVE-2010-4243.\n\n This update also fixes several bugs and adds two enhancements.\n Documentation for these bug fixes and enhancements will be available\n shortly from the Technical Notes document linked to in the References\n section.\n\n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues, and fix the bugs and add the enhancements\n noted in the Technical Notes. The system must be rebooted for this update\n to take effect.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-February/msg00026.html\");\n script_id(870664);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:44:39 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4243\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0283-01\");\n script_name(\"RedHat Update for kernel RHSA-2011:0283-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~71.18.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:35:58", "description": "Oracle Linux Local Security Checks ELSA-2011-0283", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0283", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4165", "CVE-2010-4169", "CVE-2010-4243"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122239", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122239", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0283.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122239\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:16 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0283\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0283 - kernel security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0283\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0283.html\");\n script_cve_id(\"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4243\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.18.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-18T00:00:00", "type": "openvas", "title": "Mandriva Update for kernel MDVSA-2011:029 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4163", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-3437", "CVE-2010-3859", "CVE-2010-3310", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4158", "CVE-2010-3698", "CVE-2010-3015", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-3874", "CVE-2010-3067", "CVE-2010-4164", "CVE-2009-2406", "CVE-2009-4307", "CVE-2010-3873", "CVE-2010-4565"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831331", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831331", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kernel MDVSA-2011:029 (kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-02/msg00011.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831331\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-18 15:15:05 +0100 (Fri, 18 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:029\");\n script_cve_id(\"CVE-2010-4164\", \"CVE-2010-3873\", \"CVE-2010-4565\", \"CVE-2010-4346\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4163\", \"CVE-2009-4307\", \"CVE-2010-4162\", \"CVE-2010-3015\", \"CVE-2010-4258\", \"CVE-2010-3875\", \"CVE-2010-3067\", \"CVE-2010-4248\", \"CVE-2010-3437\", \"CVE-2010-3877\", \"CVE-2009-2406\", \"CVE-2010-3859\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3705\", \"CVE-2010-4165\", \"CVE-2010-3310\", \"CVE-2010-3698\");\n script_name(\"Mandriva Update for kernel MDVSA-2011:029 (kernel)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_mes5\");\n script_tag(name:\"affected\", value:\"kernel on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"A vulnerability was discovered and corrected in the Linux 2.6 kernel:\n The X.25 implementation does not properly parse facilities, which\n allows remote attackers to cause a denial of service (heap memory\n corruption and panic) or possibly have\n unspecified other impact via malformed data, a different vulnerability\n than CVE-2010-4164. (CVE-2010-3873)\n\n The bcm_connect function Broadcast Manager in the Controller Area\n Network (CAN) implementation in the Linux creates a publicly accessible\n file with a filename containing a kernel memory address, which allows\n local users to obtain potentially sensitive information about kernel\n memory use by listing this filename. (CVE-2010-4565)\n\n The install_special_mapping function in mm/mmap.c does not make an\n expected security_file_mmap function call, which allows local users\n to bypass intended mmap_min_addr restrictions and possibly conduct\n NULL pointer dereference attacks via a crafted assembly-language\n application. (CVE-2010-4346)\n\n The sk_run_filter function does not check whether a certain memory\n location has been initialized before executing a BPF_S_LD_MEM\n or BPF_S_LDX_MEM instruction, which allows local users to obtain\n potentially sensitive information from kernel stack memory via a\n crafted socket filter. (CVE-2010-4158)\n\n Heap-based buffer overflow in the bcm_connect function the Broadcast\n Manager in the Controller Area Network (CAN)on 64-bit platforms might\n allow local users to cause a denial of service (memory corruption)\n via a connect operation. (CVE-2010-3874)\n\n The blk_rq_map_user_iov function in block/blk-map.c allows local\n users to cause a denial of service (panic) via a zero-length I/O\n request in a device ioctl to a SCSI device. (CVE-2010-4163)\n\n Multiple integer underflows in the x25_parse_facilities function in\n allow remote attackers to cause a denial of service (system crash)\n via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3)\n X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data. (CVE-2010-4164)\n\n Race condition in the do_setlk function allows local users to cause a\n denial of service (crash) via vectors resulting in an interrupted RPC\n call that leads to a stray FL_POSIX lock, related to improper handling\n of a race between fcntl and close in the EINTR case. (CVE-2009-4307)\n\n Multiple integer overflows in fs/bio.c allow local users to cause\n a denial of service (system crash) via a crafted device ioctl to a\n SCSI device. (CVE-2010-4162)\n\n Integer overflow in the ext4_ext_get_blocks function in\n ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.56-desktop\", rpm:\"drm-experimental-kernel-2.6.27.56-desktop~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.56-desktop586\", rpm:\"drm-experimental-kernel-2.6.27.56-desktop586~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.56-server\", rpm:\"drm-experimental-kernel-2.6.27.56-server~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20110216.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20110216.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20110216.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.56-desktop\", rpm:\"fglrx-kernel-2.6.27.56-desktop~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.56-desktop586\", rpm:\"fglrx-kernel-2.6.27.56-desktop586~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.56-server\", rpm:\"fglrx-kernel-2.6.27.56-server~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.56-desktop\", rpm:\"iscsitarget-kernel-2.6.27.56-desktop~2mnb~0.4.16~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.56-desktop586\", rpm:\"iscsitarget-kernel-2.6.27.56-desktop586~2mnb~0.4.16~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.56-server\", rpm:\"iscsitarget-kernel-2.6.27.56-server~2mnb~0.4.16~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20110216.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20110216.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20110216.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586\", rpm:\"kernel-desktop586~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel\", rpm:\"kernel-desktop586-devel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server\", rpm:\"kernel-server~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel\", rpm:\"kernel-server-devel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.56-desktop\", rpm:\"kqemu-kernel-2.6.27.56-desktop~2mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.56-desktop586\", rpm:\"kqemu-kernel-2.6.27.56-desktop586~2mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.56~server~2mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20110216.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20110216.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20110216.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-desktop\", rpm:\"libafs-kernel-2.6.27.56-desktop~2mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-desktop586\", rpm:\"libafs-kernel-2.6.27.56-desktop586~2mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-server\", rpm:\"libafs-kernel-2.6.27.56-server~2mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-desktop586-latest\", rpm:\"libafs-kernel-desktop586-latest~1.4.7~1.20110216.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20110216.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20110216.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.56-desktop\", rpm:\"madwifi-kernel-2.6.27.56-desktop~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.56-desktop586\", rpm:\"madwifi-kernel-2.6.27.56-desktop586~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.56-server\", rpm:\"madwifi-kernel-2.6.27.56-server~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20110216.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20110216.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20110216.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.56-desktop\", rpm:\"nvidia173-kernel-2.6.27.56-desktop~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.56-desktop586\", rpm:\"nvidia173-kernel-2.6.27.56-desktop586~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20110216.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20110216.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.56-desktop\", rpm:\"nvidia71xx-kernel-2.6.27.56-desktop~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.56-desktop586\", rpm:\"nvidia71xx-kernel-2.6.27.56-desktop586~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.56-server\", rpm:\"nvidia71xx-kernel-2.6.27.56-server~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.56-desktop\", rpm:\"nvidia96xx-kernel-2.6.27.56-desktop~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.56-desktop586\", rpm:\"nvidia96xx-kernel-2.6.27.56-desktop586~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.56-server\", rpm:\"nvidia96xx-kernel-2.6.27.56-server~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.56-desktop~2mnb\", rpm:\"nvidia-current-kernel-2.6.27.56-desktop~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.56-desktop586\", rpm:\"nvidia-current-kernel-2.6.27.56-desktop586~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.56-server\", rpm:\"nvidia-current-kernel-2.6.27.56-server~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20110216.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20110216.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20110216.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.56-desktop\", rpm:\"vpnclient-kernel-2.6.27.56-desktop~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.56-desktop586\", rpm:\"vpnclient-kernel-2.6.27.56-desktop586~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.56-server\", rpm:\"vpnclient-kernel-2.6.27.56-server~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20110217.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20110217.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20110217.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20110217.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-desktop\", rpm:\"libafs-kernel-2.6.27.56-desktop~2mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-server\", rpm:\"libafs-kernel-2.6.27.56-server~2mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20110217.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20110217.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20110217.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20110217.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.56~server~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20110217.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-server-latest\", rpm:\"nvidia173-kernel-server-latest~173.14.12~1.20110217.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20110217.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20110217.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20110217.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20110217.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:24", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-02-18T00:00:00", "type": "openvas", "title": "Mandriva Update for kernel MDVSA-2011:029 (kernel)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4163", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-3437", "CVE-2010-3859", "CVE-2010-3310", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4158", "CVE-2010-3698", "CVE-2010-3015", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-3874", "CVE-2010-3067", "CVE-2010-4164", "CVE-2009-2406", "CVE-2009-4307", "CVE-2010-3873", "CVE-2010-4565"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831331", "href": "http://plugins.openvas.org/nasl.php?oid=831331", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for kernel MDVSA-2011:029 (kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability was discovered and corrected in the Linux 2.6 kernel:\n The X.25 implementation does not properly parse facilities, which\n allows remote attackers to cause a denial of service (heap memory\n corruption and panic) or possibly have\n unspecified other impact via malformed data, a different vulnerability\n than CVE-2010-4164. (CVE-2010-3873)\n\n The bcm_connect function Broadcast Manager in the Controller Area\n Network (CAN) implementation in the Linux creates a publicly accessible\n file with a filename containing a kernel memory address, which allows\n local users to obtain potentially sensitive information about kernel\n memory use by listing this filename. (CVE-2010-4565)\n \n The install_special_mapping function in mm/mmap.c does not make an\n expected security_file_mmap function call, which allows local users\n to bypass intended mmap_min_addr restrictions and possibly conduct\n NULL pointer dereference attacks via a crafted assembly-language\n application. (CVE-2010-4346)\n \n The sk_run_filter function does not check whether a certain memory\n location has been initialized before executing a BPF_S_LD_MEM\n or BPF_S_LDX_MEM instruction, which allows local users to obtain\n potentially sensitive information from kernel stack memory via a\n crafted socket filter. (CVE-2010-4158)\n \n Heap-based buffer overflow in the bcm_connect function the Broadcast\n Manager in the Controller Area Network (CAN)on 64-bit platforms might\n allow local users to cause a denial of service (memory corruption)\n via a connect operation. (CVE-2010-3874)\n \n The blk_rq_map_user_iov function in block/blk-map.c allows local\n users to cause a denial of service (panic) via a zero-length I/O\n request in a device ioctl to a SCSI device. (CVE-2010-4163)\n \n Multiple integer underflows in the x25_parse_facilities function in\n allow remote attackers to cause a denial of service (system crash)\n via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3)\n X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data. (CVE-2010-4164)\n \n Race condition in the do_setlk function allows local users to cause a\n denial of service (crash) via vectors resulting in an interrupted RPC\n call that leads to a stray FL_POSIX lock, related to improper handling\n of a race between fcntl and close in the EINTR case. (CVE-2009-4307)\n \n Multiple integer overflows in fs/bio.c allow local users to cause\n a denial of service (system crash) via a crafted device ioctl to a\n SCSI device. (CVE-2010-4162)\n \n Integer overflow in the ext4_ext_get_blocks function in\n ... \n\n Description truncated, for more information please check the Reference URL\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-02/msg00011.php\");\n script_id(831331);\n script_version(\"$Revision: 6565 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 14:56:06 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-18 15:15:05 +0100 (Fri, 18 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:029\");\n script_cve_id(\"CVE-2010-4164\", \"CVE-2010-3873\", \"CVE-2010-4565\", \"CVE-2010-4346\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4163\", \"CVE-2009-4307\", \"CVE-2010-4162\", \"CVE-2010-3015\", \"CVE-2010-4258\", \"CVE-2010-3875\", \"CVE-2010-3067\", \"CVE-2010-4248\", \"CVE-2010-3437\", \"CVE-2010-3877\", \"CVE-2009-2406\", \"CVE-2010-3859\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3705\", \"CVE-2010-4165\", \"CVE-2010-3310\", \"CVE-2010-3698\");\n script_name(\"Mandriva Update for kernel MDVSA-2011:029 (kernel)\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.56-desktop\", rpm:\"drm-experimental-kernel-2.6.27.56-desktop~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.56-desktop586\", rpm:\"drm-experimental-kernel-2.6.27.56-desktop586~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-2.6.27.56-server\", rpm:\"drm-experimental-kernel-2.6.27.56-server~2mnb~2.3.0~2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop586-latest\", rpm:\"drm-experimental-kernel-desktop586-latest~2.3.0~1.20110216.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-desktop-latest\", rpm:\"drm-experimental-kernel-desktop-latest~2.3.0~1.20110216.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"drm-experimental-kernel-server-latest\", rpm:\"drm-experimental-kernel-server-latest~2.3.0~1.20110216.2.20080912.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.56-desktop\", rpm:\"fglrx-kernel-2.6.27.56-desktop~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.56-desktop586\", rpm:\"fglrx-kernel-2.6.27.56-desktop586~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-2.6.27.56-server\", rpm:\"fglrx-kernel-2.6.27.56-server~2mnb~8.522~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop586-latest\", rpm:\"fglrx-kernel-desktop586-latest~8.522~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-desktop-latest\", rpm:\"fglrx-kernel-desktop-latest~8.522~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"fglrx-kernel-server-latest\", rpm:\"fglrx-kernel-server-latest~8.522~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.56-desktop\", rpm:\"iscsitarget-kernel-2.6.27.56-desktop~2mnb~0.4.16~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.56-desktop586\", rpm:\"iscsitarget-kernel-2.6.27.56-desktop586~2mnb~0.4.16~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-2.6.27.56-server\", rpm:\"iscsitarget-kernel-2.6.27.56-server~2mnb~0.4.16~4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop586-latest\", rpm:\"iscsitarget-kernel-desktop586-latest~0.4.16~1.20110216.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20110216.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20110216.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586\", rpm:\"kernel-desktop586~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel\", rpm:\"kernel-desktop586-devel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-devel-latest\", rpm:\"kernel-desktop586-devel-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop586-latest\", rpm:\"kernel-desktop586-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel-latest\", rpm:\"kernel-desktop-devel-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-latest\", rpm:\"kernel-desktop-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server\", rpm:\"kernel-server~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel\", rpm:\"kernel-server-devel~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-devel-latest\", rpm:\"kernel-server-devel-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-server-latest\", rpm:\"kernel-server-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.27.56~2mnb~1~1mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-latest\", rpm:\"kernel-source-latest~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.56-desktop\", rpm:\"kqemu-kernel-2.6.27.56-desktop~2mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-2.6.27.56-desktop586\", rpm:\"kqemu-kernel-2.6.27.56-desktop586~2mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel\", rpm:\"kqemu-kernel~2.6.27.56~server~2mnb~1.4.0pre1~0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop586-latest\", rpm:\"kqemu-kernel-desktop586-latest~1.4.0pre1~1.20110216.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20110216.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20110216.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-desktop\", rpm:\"libafs-kernel-2.6.27.56-desktop~2mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-desktop586\", rpm:\"libafs-kernel-2.6.27.56-desktop586~2mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-server\", rpm:\"libafs-kernel-2.6.27.56-server~2mnb~1.4.7~5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-desktop586-latest\", rpm:\"libafs-kernel-desktop586-latest~1.4.7~1.20110216.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20110216.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20110216.5.2mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.56-desktop\", rpm:\"madwifi-kernel-2.6.27.56-desktop~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.56-desktop586\", rpm:\"madwifi-kernel-2.6.27.56-desktop586~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-2.6.27.56-server\", rpm:\"madwifi-kernel-2.6.27.56-server~2mnb~0.9.4~3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop586-latest\", rpm:\"madwifi-kernel-desktop586-latest~0.9.4~1.20110216.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20110216.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20110216.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.56-desktop\", rpm:\"nvidia173-kernel-2.6.27.56-desktop~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-2.6.27.56-desktop586\", rpm:\"nvidia173-kernel-2.6.27.56-desktop586~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop586-latest\", rpm:\"nvidia173-kernel-desktop586-latest~173.14.12~1.20110216.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20110216.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.56-desktop\", rpm:\"nvidia71xx-kernel-2.6.27.56-desktop~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.56-desktop586\", rpm:\"nvidia71xx-kernel-2.6.27.56-desktop586~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-2.6.27.56-server\", rpm:\"nvidia71xx-kernel-2.6.27.56-server~2mnb~71.86.06~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop586-latest\", rpm:\"nvidia71xx-kernel-desktop586-latest~71.86.06~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.56-desktop\", rpm:\"nvidia96xx-kernel-2.6.27.56-desktop~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.56-desktop586\", rpm:\"nvidia96xx-kernel-2.6.27.56-desktop586~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-2.6.27.56-server\", rpm:\"nvidia96xx-kernel-2.6.27.56-server~2mnb~96.43.07~5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop586-latest\", rpm:\"nvidia96xx-kernel-desktop586-latest~96.43.07~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20110216.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.56-desktop~2mnb\", rpm:\"nvidia-current-kernel-2.6.27.56-desktop~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.56-desktop586\", rpm:\"nvidia-current-kernel-2.6.27.56-desktop586~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-2.6.27.56-server\", rpm:\"nvidia-current-kernel-2.6.27.56-server~2mnb~177.70~2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop586-latest\", rpm:\"nvidia-current-kernel-desktop586-latest~177.70~1.20110216.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20110216.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20110216.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.56-desktop\", rpm:\"vpnclient-kernel-2.6.27.56-desktop~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.56-desktop586\", rpm:\"vpnclient-kernel-2.6.27.56-desktop586~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-2.6.27.56-server\", rpm:\"vpnclient-kernel-2.6.27.56-server~2mnb~4.8.01.0640~3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop586-latest\", rpm:\"vpnclient-kernel-desktop586-latest~4.8.01.0640~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20110216.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.27.56~2mnb2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-desktop-latest\", rpm:\"iscsitarget-kernel-desktop-latest~0.4.16~1.20110217.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"iscsitarget-kernel-server-latest\", rpm:\"iscsitarget-kernel-server-latest~0.4.16~1.20110217.4.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-desktop-latest\", rpm:\"kqemu-kernel-desktop-latest~1.4.0pre1~1.20110217.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kqemu-kernel-server-latest\", rpm:\"kqemu-kernel-server-latest~1.4.0pre1~1.20110217.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-desktop\", rpm:\"libafs-kernel-2.6.27.56-desktop~2mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-2.6.27.56-server\", rpm:\"libafs-kernel-2.6.27.56-server~2mnb~1.4.7~5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-desktop-latest\", rpm:\"libafs-kernel-desktop-latest~1.4.7~1.20110217.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libafs-kernel-server-latest\", rpm:\"libafs-kernel-server-latest~1.4.7~1.20110217.5.1mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-desktop-latest\", rpm:\"madwifi-kernel-desktop-latest~0.9.4~1.20110217.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"madwifi-kernel-server-latest\", rpm:\"madwifi-kernel-server-latest~0.9.4~1.20110217.3.r3835mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel\", rpm:\"nvidia173-kernel~2.6.27.56~server~2mnb~173.14.12~4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-desktop-latest\", rpm:\"nvidia173-kernel-desktop-latest~173.14.12~1.20110217.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia173-kernel-server-latest\", rpm:\"nvidia173-kernel-server-latest~173.14.12~1.20110217.4mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-desktop-latest\", rpm:\"nvidia71xx-kernel-desktop-latest~71.86.06~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia71xx-kernel-server-latest\", rpm:\"nvidia71xx-kernel-server-latest~71.86.06~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-desktop-latest\", rpm:\"nvidia96xx-kernel-desktop-latest~96.43.07~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia96xx-kernel-server-latest\", rpm:\"nvidia96xx-kernel-server-latest~96.43.07~1.20110217.5mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-desktop-latest\", rpm:\"nvidia-current-kernel-desktop-latest~177.70~1.20110217.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"nvidia-current-kernel-server-latest\", rpm:\"nvidia-current-kernel-server-latest~177.70~1.20110217.2.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-desktop-latest\", rpm:\"vpnclient-kernel-desktop-latest~4.8.01.0640~1.20110217.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"vpnclient-kernel-server-latest\", rpm:\"vpnclient-kernel-server-latest~4.8.01.0640~1.20110217.3mdv2009.0\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:39", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1119-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1119-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-3865", "CVE-2010-4529", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-4527", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3850", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-4079", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4342", "CVE-2010-4164", "CVE-2010-2962", "CVE-2010-3873", "CVE-2010-3080", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-3861"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840651", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840651", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1119_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1119-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1119-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840651\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1119-1\");\n script_cve_id(\"CVE-2010-3904\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3081\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3437\", \"CVE-2010-3705\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-4072\", \"CVE-2010-4079\", \"CVE-2010-4158\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4249\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4529\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1119-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1119-1\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dan Rosenberg discovered that the RDS network protocol did not correctly\n check certain parameters. A local attacker could exploit this gain root\n privileges. (CVE-2010-3904)\n\n Nelson Elhage discovered several problems with the Acorn Econet protocol\n driver. A local user could cause a denial of service via a NULL pointer\n dereference, escalate privileges by overflowing the kernel stack, and\n assign Econet addresses to arbitrary interfaces. (CVE-2010-3848,\n CVE-2010-3849, CVE-2010-3850)\n\n Ben Hawkes discovered that the Linux kernel did not correctly validate\n memory ranges on 64bit kernels when allocating memory on behalf of 32bit\n system calls. On a 64bit system, a local attacker could perform malicious\n multicast getsockopt calls to gain root privileges. (CVE-2010-3081)\n\n Tavis Ormandy discovered that the IRDA subsystem did not correctly shut\n down. A local attacker could exploit this to cause the system to crash or\n possibly gain root privileges. (CVE-2010-2954)\n\n Brad Spengler discovered that the wireless extensions did not correctly\n validate certain request sizes. A local attacker could exploit this to read\n portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n\n Tavis Ormandy discovered that the session keyring did not correctly check\n for its parent. On systems without a default session keyring, a local\n attacker could exploit this to crash the system, leading to a denial of\n service. (CVE-2010-2960)\n\n Kees Cook discovered that the Intel i915 graphics driver did not correctly\n validate memory regions. A local attacker with access to the video card\n could read and write arbitrary kernel memory to gain root privileges.\n (CVE-2010-2962)\n\n Kees Cook discovered that the V4L1 32bit compat interface did not correctly\n validate certain parameters. A local attacker on a 64bit system with access\n to a video device could exploit this to gain root privileges.\n (CVE-2010-2963)\n\n Robert Swiecki discovered that ftrace did not correctly handle mutexes. A\n local attacker could exploit this to crash the kernel, leading to a denial\n of service. (CVE-2010-3079)\n\n Tavis Ormandy discovered that the OSS sequencer device did not correctly\n shut down. A local attacker could exploit this to crash the system or\n possibly gain root privileges. (CVE-2010-3080)\n\n Dan Rosenberg discovered that the CD driver did not correctly check\n parameters. A local attacker could exploit this to read arbitrary kernel\n memory, leading to a loss of privacy. (CVE-2010-3437)\n\n Dan Rosenberg discovered that SCTP did not correctly handle HMAC\n calcu ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-903-omap4\", ver:\"2.6.35-903.22\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:17", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1119-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1119-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-3865", "CVE-2010-4529", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-4527", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3850", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-4079", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4342", "CVE-2010-4164", "CVE-2010-2962", "CVE-2010-3873", "CVE-2010-3080", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-3861"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840651", "href": "http://plugins.openvas.org/nasl.php?oid=840651", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1119_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1119-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dan Rosenberg discovered that the RDS network protocol did not correctly\n check certain parameters. A local attacker could exploit this gain root\n privileges. (CVE-2010-3904)\n\n Nelson Elhage discovered several problems with the Acorn Econet protocol\n driver. A local user could cause a denial of service via a NULL pointer\n dereference, escalate privileges by overflowing the kernel stack, and\n assign Econet addresses to arbitrary interfaces. (CVE-2010-3848,\n CVE-2010-3849, CVE-2010-3850)\n \n Ben Hawkes discovered that the Linux kernel did not correctly validate\n memory ranges on 64bit kernels when allocating memory on behalf of 32bit\n system calls. On a 64bit system, a local attacker could perform malicious\n multicast getsockopt calls to gain root privileges. (CVE-2010-3081)\n \n Tavis Ormandy discovered that the IRDA subsystem did not correctly shut\n down. A local attacker could exploit this to cause the system to crash or\n possibly gain root privileges. (CVE-2010-2954)\n \n Brad Spengler discovered that the wireless extensions did not correctly\n validate certain request sizes. A local attacker could exploit this to read\n portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n \n Tavis Ormandy discovered that the session keyring did not correctly check\n for its parent. On systems without a default session keyring, a local\n attacker could exploit this to crash the system, leading to a denial of\n service. (CVE-2010-2960)\n \n Kees Cook discovered that the Intel i915 graphics driver did not correctly\n validate memory regions. A local attacker with access to the video card\n could read and write arbitrary kernel memory to gain root privileges.\n (CVE-2010-2962)\n \n Kees Cook discovered that the V4L1 32bit compat interface did not correctly\n validate certain parameters. A local attacker on a 64bit system with access\n to a video device could exploit this to gain root privileges.\n (CVE-2010-2963)\n \n Robert Swiecki discovered that ftrace did not correctly handle mutexes. A\n local attacker could exploit this to crash the kernel, leading to a denial\n of service. (CVE-2010-3079)\n \n Tavis Ormandy discovered that the OSS sequencer device did not correctly\n shut down. A local attacker could exploit this to crash the system or\n possibly gain root privileges. (CVE-2010-3080)\n \n Dan Rosenberg discovered that the CD driver did not correctly check\n parameters. A local attacker could exploit this to read arbitrary kernel\n memory, leading to a loss of privacy. (CVE-2010-3437)\n \n Dan Rosenberg discovered that SCTP did not correctly handle HMAC\n calcu ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1119-1\";\ntag_affected = \"linux-ti-omap4 on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1119-1/\");\n script_id(840651);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1119-1\");\n script_cve_id(\"CVE-2010-3904\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3081\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3437\", \"CVE-2010-3705\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-4072\", \"CVE-2010-4079\", \"CVE-2010-4158\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4249\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4529\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1119-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-903-omap4\", ver:\"2.6.35-903.22\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-17T11:05:24", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18983", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-2071", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310862749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862749", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18983\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862749\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18983\");\n script_cve_id(\"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18983\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.7~66.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:17:55", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18983", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-2071", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862749", "href": "http://plugins.openvas.org/nasl.php?oid=862749", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18983\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html\");\n script_id(862749);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18983\");\n script_cve_id(\"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18983\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.7~66.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:19", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18493", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-2962", "CVE-2010-4077", "CVE-2010-4075"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:1361412562310862706", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051853.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862706\");\n script_version(\"$Revision: 8250 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 08:29:15 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18493\");\n script_cve_id(\"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4075\", \"CVE-2010-4077\", \"CVE-2010-4248\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18493\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.9~64.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:35", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18493", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-2962", "CVE-2010-4077", "CVE-2010-4075"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862706", "href": "http://plugins.openvas.org/nasl.php?oid=862706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051853.html\");\n script_id(862706);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18493\");\n script_cve_id(\"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4075\", \"CVE-2010-4077\", \"CVE-2010-4248\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18493\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.9~64.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-10-09T15:25:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-16T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:008", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-4529", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-2946", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-3310", "CVE-2010-4158", "CVE-2010-3850", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3848", "CVE-2010-4157", "CVE-2010-4342", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3849"], "modified": "2019-10-07T00:00:00", "id": "OPENVAS:1361412562310850159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:008\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850159\");\n script_version(\"2019-10-07T14:34:48+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-07 14:34:48 +0000 (Mon, 07 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2011-02-16 14:19:17 +0100 (Wed, 16 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"SUSE-SA\", value:\"2011-008\");\n script_cve_id(\"CVE-2010-2946\", \"CVE-2010-3067\", \"CVE-2010-3310\", \"CVE-2010-3442\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3873\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-4160\", \"CVE-2010-4164\", \"CVE-2010-4242\", \"CVE-2010-4258\", \"CVE-2010-4342\", \"CVE-2010-4527\", \"CVE-2010-4529\");\n script_name(\"SuSE Update for kernel SUSE-SA:2011:008\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES9\\.0\");\n script_tag(name:\"impact\", value:\"local privilege escalation, remote denial of service\");\n script_tag(name:\"affected\", value:\"kernel on SUSE SLES 9\");\n script_tag(name:\"insight\", value:\"This patch updates the SUSE Linux Enterprise Server 9 kernel to fix\n various security issues and some bugs.\n\n The following security issues were fixed:\n CVE-2010-4242: The hci_uart_tty_open function in the HCI UART driver\n (drivers/bluetooth/hci_ldisc.c) in the Linux kernel did not verify\n whether the tty has a write operation, which allowed local users\n to cause a denial of service (NULL pointer dereference) via vectors\n related to the Bluetooth driver.\n\n CVE-2010-4527: The load_mixer_volumes function in sound/oss/soundcard.c\n in the OSS sound subsystem in the Linux kernel incorrectly expected\n that a certain name field ends with a '\\0' character, which allowed\n local users to conduct buffer overflow attacks and gain privileges,\n or possibly obtain sensitive information from kernel memory, via a\n SOUND_MIXER_SETLEVELS ioctl call.\n\n CVE-2010-4529: Integer underflow in the irda_getsockopt function in\n net/irda/af_irda.c in the Linux kernel on platforms other than x86\n allowed local users to obtain potentially sensitive information from\n kernel heap memory via an IRLMP_ENUMDEVICES getsockopt call.\n\n CVE-2010-4342: The aun_incoming function in net/econet/af_econet.c in\n the Linux kernel, when Econet is enabled, allowed remote attackers\n to cause a denial of service (NULL pointer dereference and OOPS)\n by sending an Acorn Universal Networking (AUN) packet over UDP.\n\n CVE-2010-2946: fs/jfs/xattr.c in the Linux kernel did not properly\n handle a certain legacy format for storage of extended attributes,\n which might have allowed local users by bypass intended xattr namespace\n restrictions via an 'os2.' substring at the beginning of a name.\n\n CVE-2010-3848: Stack-based buffer overflow in the econet_sendmsg\n function in net/econet/af_econet.c in the Linux kernel, when an\n econet address is configured, allowed local users to gain privileges\n by providing a large number of iovec structures.\n\n CVE-2010-3849: The econet_sendmsg function in net/econet/af_econet.c\n in the Linux kernel, when an econet address is configured, allowed\n local users to cause a denial of service (NULL pointer dereference\n and OOPS) via a sendmsg call that specifies a NULL value for the\n remote address field.\n\n CVE-2010-3850: The ec_dev_ioctl function in net/econet/af_econet.c\n in the Linux kernel does not require the CAP_NET_ADMIN capability,\n which allowed local users to bypass intended access restrictions and\n configure econet addresses via an SIOCSIFADDR ioctl call.\n\n CVE-2010-4258: The do_exit function in kernel/exit.c in the Linux\n ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"SLES9.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.5~7.325\", rls:\"SLES9.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-smp\", rpm:\"kernel-smp~2.6.5~7.325\", rls:\"SLES9.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.5~7.325\", rls:\"SLES9.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.5~7.325\", rls:\"SLES9.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.5~7.325\", rls:\"SLES9.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-kmp\", rpm:\"xen-kmp~3.0.4_2.6.5_7.325~0.2\", rls:\"SLES9.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-12T11:18:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-02-16T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2011:008", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-4529", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-2946", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-3310", "CVE-2010-4158", "CVE-2010-3850", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3848", "CVE-2010-4157", "CVE-2010-4342", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3849"], "modified": "2017-12-08T00:00:00", "id": "OPENVAS:850159", "href": "http://plugins.openvas.org/nasl.php?oid=850159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2011:008\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This patch updates the SUSE Linux Enterprise Server 9 kernel to fix\n various security issues and some bugs.\n\n Following security i

Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1073-1

Description

Related