Ubuntu Update for linux-lts-backport-maverick USN-1242-1

Ubuntu Update for Linux kernel vulnerabilities USN-1242-1. Security vulnerabilities have been discovered in the Linux kernel of linux-lts-backport-maverick on Ubuntu 10.04 LTS, allowing attackers to crash the system, read certain information leading to a loss of privacy, run arbitrary commands, possibly gain privileges, predict sequence numbers, inject packets, and exploit CIFS partitions. Please install the updated packages

Reporter	Title	Published	Views	Family All 506
IBM Security Bulletins	Security Bulletin: Potential DOS due to weak IPv4 and IPv6 sequence numbers in SAN Volume Controller and Storwize Family (CVE-2011-3188)	29 Mar 202301:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM System x and Flex Systems Potential Denial of Service Due to Weak IPv4 and IPv6 Sequence Numbers	16 May 202216:03	–	ibm
IBM Security Bulletins	Security Bulletin: Potential DOS due to weak IPv4 and IPv6 sequence numbers in IBM Storwize V7000 Unified system (CVE-2011-3188)	18 Jun 201800:07	–	ibm
IBM Security Bulletins	Security Bulletin: Flex System Manager (FSM) Denial of Service (CVE-2011-3188)	30 Jan 201908:20	–	ibm
IBM Security Bulletins	Security Bulletin: Potential DOS due to weak IPv4 and IPv6 sequence numbers in SAN Volume Controller and Storwize Family (CVE-2011-3188)	20 Aug 202200:54	–	ibm
Amazon	Medium: kernel	31 Oct 201100:00	–	amazon
Amazon	Medium: kernel	2 Dec 201100:00	–	amazon
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2011-16)	4 Sep 201300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2011-26)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 5 : kernel (CESA-2011:1212)	23 Sep 201100:00	–	nessus

Source	Link
ubuntu	www.ubuntu.com/usn/usn-1242-1/

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1242_1.nasl 7964 2017-12-01 07:32:11Z santu $
#
# Ubuntu Update for linux-lts-backport-maverick USN-1242-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "It was discovered that the security fix for CVE-2010-4250 introduced a
  regression. A remote attacker could exploit this to crash the system,
  leading to a denial of service. (CVE-2011-1479)

  Vasiliy Kulikov discovered that taskstats did not enforce access
  restrictions. A local attacker could exploit this to read certain
  information, leading to a loss of privacy. (CVE-2011-2494)
  
  Vasiliy Kulikov discovered that /proc/PID/io did not enforce access
  restrictions. A local attacker could exploit this to read certain
  information, leading to a loss of privacy. (CVE-2011-2495)
  
  It was discovered that the EXT4 filesystem contained multiple off-by-one
  flaws. A local attacker could exploit this to crash the system, leading to
  a denial of service. (CVE-2011-2695)
  
  Christian Ohm discovered that the perf command looks for configuration
  files in the current directory. If a privileged user were tricked into
  running perf in a directory containing a malicious configuration file, an
  attacker could run arbitrary commands and possibly gain privileges.
  (CVE-2011-2905)
  
  Vasiliy Kulikov discovered that the Comedi driver did not correctly clear
  memory. A local attacker could exploit this to read kernel stack memory,
  leading to a loss of privacy. (CVE-2011-2909)
  
  Dan Kaminsky discovered that the kernel incorrectly handled random sequence
  number generation. An attacker could use this flaw to possibly predict
  sequence numbers and inject packets. (CVE-2011-3188)
  
  Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had
  no prefixpaths. A local attacker with access to a CIFS partition could
  exploit this to crash the system, leading to a denial of service.
  (CVE-2011-3363)";

tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-1242-1";
tag_affected = "linux-lts-backport-maverick on Ubuntu 10.04 LTS";
tag_solution = "Please Install the Updated Packages.";


if(description)
{
  script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-1242-1/");
  script_id(840789);
  script_version("$Revision: 7964 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $");
  script_tag(name:"creation_date", value:"2011-10-31 13:45:00 +0100 (Mon, 31 Oct 2011)");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_xref(name: "USN", value: "1242-1");
  script_cve_id("CVE-2010-4250", "CVE-2011-1479", "CVE-2011-2494", "CVE-2011-2495",
                "CVE-2011-2695", "CVE-2011-2905", "CVE-2011-2909", "CVE-2011-3188",
                "CVE-2011-3363");
  script_name("Ubuntu Update for linux-lts-backport-maverick USN-1242-1");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-deb.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "UBUNTU10.04 LTS")
{

  if ((res = isdpkgvuln(pkg:"linux-image-2.6.35-30-generic", ver:"2.6.35-30.61~lucid1", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-2.6.35-30-generic-pae", ver:"2.6.35-30.61~lucid1", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-2.6.35-30-server", ver:"2.6.35-30.61~lucid1", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isdpkgvuln(pkg:"linux-image-2.6.35-30-virtual", ver:"2.6.35-30.61~lucid1", rls:"UBUNTU10.04 LTS")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

01 Dec 2017 00:00Current

0.4Low risk

Vulners AI Score0.4

EPSS0.04324