(RHSA-2004:188) Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2
2004-05-11T04:00:00
ID RHSA-2004:188 Type redhat Reporter RedHat Modified 2017-07-29T20:28:55
Description
The Linux kernel handles the basic functions of the
operating system.
This is the second regular kernel update to Red Hat
Enterprise Linux version 3. It contains several minor
security fixes, many bug fixes, device driver updates,
new hardware support, and the introduction of Linux
Syscall Auditing support.
There were bug fixes in many different parts of the kernel,
the bulk of which addressed unusual situations such as error
handling, race conditions, and resource starvation. The
combined effect of the approximately 140 fixes is a strong
improvement in the reliability and durability of Red Hat
Enterprise Linux. Some of the key areas affected are disk
drivers, network drivers, USB support, x86_64 and ppc64
platform support, ia64 32-bit emulation layer enablers,
and the VM, NFS, IPv6, and SCSI subsystems.
A significant change in the SCSI subsystem (the disabling
of the scsi-affine-queue patch) should significantly improve
SCSI disk driver performance in many scenarios. There were
10 Bugzillas against SCSI performance problems addressed
by this change.
The following drivers have been upgraded to new versions:
This update introduces support for the new Intel EM64T
processor. A new "ia32e" architecture has been created to
support booting on platforms based on either the original
AMD Opteron CPU or the new Intel EM64T CPU. The existing
"x86_64" architecture has remained optimized for Opteron
systems. Kernels for both types of systems are built from
the same x86_64-architecture sources and share a common
kernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm).
Other highlights in this update include a major upgrade to
the SATA infrastructure, addition of IBM JS20 Power Blade
support, and creation of an optional IBM eServer zSeries
On-Demand Timer facility for reducing idle CPU overhead.
The following security issues were addressed in this update:
A minor flaw was found where /proc/tty/driver/serial reveals
the exact character counts for serial links. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0461 to this issue.
The kernel strncpy() function in Linux 2.4 and 2.5 does not
pad the target buffer with null bytes on architectures other
than x86, as opposed to the expected libc behavior, which
could lead to information leaks. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name
CAN-2003-0465 to this issue.
A minor data leak was found in two real time clock drivers
(for /dev/rtc). The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name
CAN-2003-0984 to this issue.
A flaw in the R128 Direct Render Infrastructure (dri) driver
could allow local privilege escalation. This driver is part
of the kernel-unsupported package. The Common Vulnera-
bilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0003 to this issue.
A flaw in ncp_lookup() in ncpfs could allow local privilege
escalation. The ncpfs module allows a system to mount
volumes of NetWare servers or print to NetWare printers and
is in the kernel-unsupported package. The Common Vulnera-
bilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0010 to this issue.
(Note that the kernel-unsupported package contains drivers
and other modules that are unsupported and therefore might
contain security problems that have not been addressed.)
All Red Hat Enterprise Linux 3 users are advised to upgrade
their kernels to the packages associated with their machine
architectures and configurations as listed in this erratum.
{"id": "RHSA-2004:188", "hash": "60ebb6f4ba8c1e029c9ef064f5b93069", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2004:188) Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2", "description": "The Linux kernel handles the basic functions of the\noperating system.\n\nThis is the second regular kernel update to Red Hat\nEnterprise Linux version 3. It contains several minor\nsecurity fixes, many bug fixes, device driver updates,\nnew hardware support, and the introduction of Linux\nSyscall Auditing support.\n\nThere were bug fixes in many different parts of the kernel,\nthe bulk of which addressed unusual situations such as error\nhandling, race conditions, and resource starvation. The\ncombined effect of the approximately 140 fixes is a strong\nimprovement in the reliability and durability of Red Hat\nEnterprise Linux. Some of the key areas affected are disk\ndrivers, network drivers, USB support, x86_64 and ppc64\nplatform support, ia64 32-bit emulation layer enablers,\nand the VM, NFS, IPv6, and SCSI subsystems.\n\nA significant change in the SCSI subsystem (the disabling\nof the scsi-affine-queue patch) should significantly improve\nSCSI disk driver performance in many scenarios. There were\n10 Bugzillas against SCSI performance problems addressed\nby this change.\n\nThe following drivers have been upgraded to new versions:\n\n bonding ---- 2.4.1\n cciss ------ 2.4.50.RH1\n e1000 ------ 5.2.30.1-k1\n fusion ----- 2.05.11.03\n ipr -------- 1.0.3\n ips -------- 6.11.07\n megaraid2 -- 2.10.1.1\n qla2x00 ---- 6.07.02-RH1\n tg3 -------- 3.1\n z90crypt --- 1.1.4\n\nThis update introduces support for the new Intel EM64T\nprocessor. A new \"ia32e\" architecture has been created to\nsupport booting on platforms based on either the original\nAMD Opteron CPU or the new Intel EM64T CPU. The existing\n\"x86_64\" architecture has remained optimized for Opteron\nsystems. Kernels for both types of systems are built from\nthe same x86_64-architecture sources and share a common\nkernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm).\n\nOther highlights in this update include a major upgrade to\nthe SATA infrastructure, addition of IBM JS20 Power Blade\nsupport, and creation of an optional IBM eServer zSeries\nOn-Demand Timer facility for reducing idle CPU overhead.\n\nThe following security issues were addressed in this update:\n\nA minor flaw was found where /proc/tty/driver/serial reveals\nthe exact character counts for serial links. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0461 to this issue.\n\nThe kernel strncpy() function in Linux 2.4 and 2.5 does not\npad the target buffer with null bytes on architectures other\nthan x86, as opposed to the expected libc behavior, which\ncould lead to information leaks. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name\nCAN-2003-0465 to this issue.\n\nA minor data leak was found in two real time clock drivers\n(for /dev/rtc). The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name\nCAN-2003-0984 to this issue.\n\nA flaw in the R128 Direct Render Infrastructure (dri) driver\ncould allow local privilege escalation. This driver is part\nof the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0003 to this issue.\n\nA flaw in ncp_lookup() in ncpfs could allow local privilege\nescalation. The ncpfs module allows a system to mount\nvolumes of NetWare servers or print to NetWare printers and\nis in the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0010 to this issue.\n\n(Note that the kernel-unsupported package contains drivers\nand other modules that are unsupported and therefore might\ncontain security problems that have not been addressed.)\n\nAll Red Hat Enterprise Linux 3 users are advised to upgrade\ntheir kernels to the packages associated with their machine\narchitectures and configurations as listed in this erratum.", "published": "2004-05-11T04:00:00", "modified": "2017-07-29T20:28:55", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2004:188", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2003-0461", "CVE-2003-0465", "CVE-2003-0984", "CVE-2004-0003", "CVE-2004-0010"], "lastseen": "2019-08-13T18:45:15", "history": [{"bulletin": {"id": "RHSA-2004:188", "hash": "9a24cc453ec4f8b4a5e1f0495e998424", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2004:188) Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2", "description": "The Linux kernel handles the basic functions of the\noperating system.\n\nThis is the second regular kernel update to Red Hat\nEnterprise Linux version 3. It contains several minor\nsecurity fixes, many bug fixes, device driver updates,\nnew hardware support, and the introduction of Linux\nSyscall Auditing support.\n\nThere were bug fixes in many different parts of the kernel,\nthe bulk of which addressed unusual situations such as error\nhandling, race conditions, and resource starvation. The\ncombined effect of the approximately 140 fixes is a strong\nimprovement in the reliability and durability of Red Hat\nEnterprise Linux. Some of the key areas affected are disk\ndrivers, network drivers, USB support, x86_64 and ppc64\nplatform support, ia64 32-bit emulation layer enablers,\nand the VM, NFS, IPv6, and SCSI subsystems.\n\nA significant change in the SCSI subsystem (the disabling\nof the scsi-affine-queue patch) should significantly improve\nSCSI disk driver performance in many scenarios. There were\n10 Bugzillas against SCSI performance problems addressed\nby this change.\n\nThe following drivers have been upgraded to new versions:\n\n bonding ---- 2.4.1\n cciss ------ 2.4.50.RH1\n e1000 ------ 5.2.30.1-k1\n fusion ----- 2.05.11.03\n ipr -------- 1.0.3\n ips -------- 6.11.07\n megaraid2 -- 2.10.1.1\n qla2x00 ---- 6.07.02-RH1\n tg3 -------- 3.1\n z90crypt --- 1.1.4\n\nThis update introduces support for the new Intel EM64T\nprocessor. A new \"ia32e\" architecture has been created to\nsupport booting on platforms based on either the original\nAMD Opteron CPU or the new Intel EM64T CPU. The existing\n\"x86_64\" architecture has remained optimized for Opteron\nsystems. Kernels for both types of systems are built from\nthe same x86_64-architecture sources and share a common\nkernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm).\n\nOther highlights in this update include a major upgrade to\nthe SATA infrastructure, addition of IBM JS20 Power Blade\nsupport, and creation of an optional IBM eServer zSeries\nOn-Demand Timer facility for reducing idle CPU overhead.\n\nThe following security issues were addressed in this update:\n\nA minor flaw was found where /proc/tty/driver/serial reveals\nthe exact character counts for serial links. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0461 to this issue.\n\nThe kernel strncpy() function in Linux 2.4 and 2.5 does not\npad the target buffer with null bytes on architectures other\nthan x86, as opposed to the expected libc behavior, which\ncould lead to information leaks. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name\nCAN-2003-0465 to this issue.\n\nA minor data leak was found in two real time clock drivers\n(for /dev/rtc). The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name\nCAN-2003-0984 to this issue.\n\nA flaw in the R128 Direct Render Infrastructure (dri) driver\ncould allow local privilege escalation. This driver is part\nof the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0003 to this issue.\n\nA flaw in ncp_lookup() in ncpfs could allow local privilege\nescalation. The ncpfs module allows a system to mount\nvolumes of NetWare servers or print to NetWare printers and\nis in the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0010 to this issue.\n\n(Note that the kernel-unsupported package contains drivers\nand other modules that are unsupported and therefore might\ncontain security problems that have not been addressed.)\n\nAll Red Hat Enterprise Linux 3 users are advised to upgrade\ntheir kernels to the packages associated with their machine\narchitectures and configurations as listed in this erratum.", "published": "2004-05-11T04:00:00", "modified": "2017-07-29T20:28:55", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2004:188", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2003-0461", "CVE-2003-0465", "CVE-2003-0984", "CVE-2003-1040", "CVE-2004-0003", "CVE-2004-0010"], "lastseen": "2017-08-02T22:58:12", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}}, "objectVersion": "1.4", "affectedPackage": [{"packageFilename": "kernel-2.4.21-15.EL.ia64.rpm", "OS": "RedHat", "OSVersion": "any", "packageName": "kernel", "operator": "lt", "packageVersion": "2.4.21-15.EL", "arch": "ia64"}, {"packageFilename": "kernel-doc-2.4.21-15.EL.ia64.rpm", "OS": "RedHat", "OSVersion": "any", "packageName": "kernel-doc", "operator": "lt", "packageVersion": "2.4.21-15.EL", "arch": "ia64"}, {"packageFilename": "kernel-source-2.4.21-15.EL.ia64.rpm", "OS": "RedHat", "OSVersion": "any", "packageName": "kernel-source", "operator": "lt", "packageVersion": "2.4.21-15.EL", "arch": "ia64"}, {"packageFilename": "kernel-unsupported-2.4.21-15.EL.ia64.rpm", "OS": "RedHat", "OSVersion": "any", "packageName": "kernel-unsupported", "operator": "lt", "packageVersion": "2.4.21-15.EL", "arch": "ia64"}]}, "lastseen": "2017-08-02T22:58:12", "differentElements": ["affectedPackage", "cvelist"], "edition": 1}, {"bulletin": {"id": "RHSA-2004:188", "hash": "f16a5e93775380f690b2ea3bbd07c4e0", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2004:188) Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2", "description": "The Linux kernel handles the basic functions of the\noperating system.\n\nThis is the second regular kernel update to Red Hat\nEnterprise Linux version 3. It contains several minor\nsecurity fixes, many bug fixes, device driver updates,\nnew hardware support, and the introduction of Linux\nSyscall Auditing support.\n\nThere were bug fixes in many different parts of the kernel,\nthe bulk of which addressed unusual situations such as error\nhandling, race conditions, and resource starvation. The\ncombined effect of the approximately 140 fixes is a strong\nimprovement in the reliability and durability of Red Hat\nEnterprise Linux. Some of the key areas affected are disk\ndrivers, network drivers, USB support, x86_64 and ppc64\nplatform support, ia64 32-bit emulation layer enablers,\nand the VM, NFS, IPv6, and SCSI subsystems.\n\nA significant change in the SCSI subsystem (the disabling\nof the scsi-affine-queue patch) should significantly improve\nSCSI disk driver performance in many scenarios. There were\n10 Bugzillas against SCSI performance problems addressed\nby this change.\n\nThe following drivers have been upgraded to new versions:\n\n bonding ---- 2.4.1\n cciss ------ 2.4.50.RH1\n e1000 ------ 5.2.30.1-k1\n fusion ----- 2.05.11.03\n ipr -------- 1.0.3\n ips -------- 6.11.07\n megaraid2 -- 2.10.1.1\n qla2x00 ---- 6.07.02-RH1\n tg3 -------- 3.1\n z90crypt --- 1.1.4\n\nThis update introduces support for the new Intel EM64T\nprocessor. A new \"ia32e\" architecture has been created to\nsupport booting on platforms based on either the original\nAMD Opteron CPU or the new Intel EM64T CPU. The existing\n\"x86_64\" architecture has remained optimized for Opteron\nsystems. Kernels for both types of systems are built from\nthe same x86_64-architecture sources and share a common\nkernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm).\n\nOther highlights in this update include a major upgrade to\nthe SATA infrastructure, addition of IBM JS20 Power Blade\nsupport, and creation of an optional IBM eServer zSeries\nOn-Demand Timer facility for reducing idle CPU overhead.\n\nThe following security issues were addressed in this update:\n\nA minor flaw was found where /proc/tty/driver/serial reveals\nthe exact character counts for serial links. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0461 to this issue.\n\nThe kernel strncpy() function in Linux 2.4 and 2.5 does not\npad the target buffer with null bytes on architectures other\nthan x86, as opposed to the expected libc behavior, which\ncould lead to information leaks. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name\nCAN-2003-0465 to this issue.\n\nA minor data leak was found in two real time clock drivers\n(for /dev/rtc). The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name\nCAN-2003-0984 to this issue.\n\nA flaw in the R128 Direct Render Infrastructure (dri) driver\ncould allow local privilege escalation. This driver is part\nof the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0003 to this issue.\n\nA flaw in ncp_lookup() in ncpfs could allow local privilege\nescalation. The ncpfs module allows a system to mount\nvolumes of NetWare servers or print to NetWare printers and\nis in the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0010 to this issue.\n\n(Note that the kernel-unsupported package contains drivers\nand other modules that are unsupported and therefore might\ncontain security problems that have not been addressed.)\n\nAll Red Hat Enterprise Linux 3 users are advised to upgrade\ntheir kernels to the packages associated with their machine\narchitectures and configurations as listed in this erratum.", "published": "2004-05-11T04:00:00", "modified": "2017-07-29T20:28:55", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2004:188", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2003-0461", "CVE-2003-0465", "CVE-2003-0984", "CVE-2004-0003", "CVE-2004-0010"], "lastseen": "2018-12-11T17:44:26", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2003-0984", "CVE-2003-0465", "CVE-2003-0461", "CVE-2004-0010", "CVE-2004-0003"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2004-188.NASL", "DEBIAN_DSA-489.NASL", "DEBIAN_DSA-479.NASL", "SUSE_SA_2004_005.NASL", "MANDRAKE_MDKSA-2004-015.NASL", "DEBIAN_DSA-480.NASL", "DEBIAN_DSA-491.NASL", "DEBIAN_DSA-482.NASL", "DEBIAN_DSA-481.NASL", "FEDORA_2003-047.NASL"]}, {"type": "osvdb", "idList": ["OSVDB:9593", "OSVDB:3317", "OSVDB:10298", "OSVDB:3807", "OSVDB:3992"]}, {"type": "debian", "idList": ["DEBIAN:DSA-489-1:DE4F1", "DEBIAN:DSA-482-1:BCAED", "DEBIAN:DSA-480-1:43C7F", "DEBIAN:DSA-479-1:87BA2", "DEBIAN:DSA-479-2:3E38D", "DEBIAN:DSA-481-1:A392D", "DEBIAN:DSA-491-1:38E6F", "DEBIAN:DSA-495-1:D1996", "DEBIAN:DSA-358-1:BF347", "DEBIAN:DSA-423-1:85DBD"]}, {"type": "openvas", "idList": ["OPENVAS:53183", "OPENVAS:53176", "OPENVAS:53682", "OPENVAS:53683", "OPENVAS:53684", "OPENVAS:53685", "OPENVAS:53178", "OPENVAS:53708", "OPENVAS:53647", "OPENVAS:53122"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:6068", "SECURITYVULNS:DOC:4884"]}, {"type": "redhat", "idList": ["RHSA-2004:106", "RHSA-2004:069", "RHSA-2004:044"]}, {"type": "suse", "idList": ["SUSE-SA:2004:005", "SUSE-SA:2003:049"]}, {"type": "cert", "idList": ["VU:490620"]}], "modified": "2018-12-11T17:44:26"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "kernel", "packageVersion": "2.4.21-15.EL", "packageFilename": "kernel-2.4.21-15.EL.ia64.rpm", "operator": "lt"}]}, "lastseen": "2018-12-11T17:44:26", "differentElements": ["cvss"], "edition": 2}, {"bulletin": {"id": "RHSA-2004:188", "hash": "43068bbff5f7ba3ac838ac3b509a6c6c", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2004:188) Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2", "description": "The Linux kernel handles the basic functions of the\noperating system.\n\nThis is the second regular kernel update to Red Hat\nEnterprise Linux version 3. It contains several minor\nsecurity fixes, many bug fixes, device driver updates,\nnew hardware support, and the introduction of Linux\nSyscall Auditing support.\n\nThere were bug fixes in many different parts of the kernel,\nthe bulk of which addressed unusual situations such as error\nhandling, race conditions, and resource starvation. The\ncombined effect of the approximately 140 fixes is a strong\nimprovement in the reliability and durability of Red Hat\nEnterprise Linux. Some of the key areas affected are disk\ndrivers, network drivers, USB support, x86_64 and ppc64\nplatform support, ia64 32-bit emulation layer enablers,\nand the VM, NFS, IPv6, and SCSI subsystems.\n\nA significant change in the SCSI subsystem (the disabling\nof the scsi-affine-queue patch) should significantly improve\nSCSI disk driver performance in many scenarios. There were\n10 Bugzillas against SCSI performance problems addressed\nby this change.\n\nThe following drivers have been upgraded to new versions:\n\n bonding ---- 2.4.1\n cciss ------ 2.4.50.RH1\n e1000 ------ 5.2.30.1-k1\n fusion ----- 2.05.11.03\n ipr -------- 1.0.3\n ips -------- 6.11.07\n megaraid2 -- 2.10.1.1\n qla2x00 ---- 6.07.02-RH1\n tg3 -------- 3.1\n z90crypt --- 1.1.4\n\nThis update introduces support for the new Intel EM64T\nprocessor. A new \"ia32e\" architecture has been created to\nsupport booting on platforms based on either the original\nAMD Opteron CPU or the new Intel EM64T CPU. The existing\n\"x86_64\" architecture has remained optimized for Opteron\nsystems. Kernels for both types of systems are built from\nthe same x86_64-architecture sources and share a common\nkernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm).\n\nOther highlights in this update include a major upgrade to\nthe SATA infrastructure, addition of IBM JS20 Power Blade\nsupport, and creation of an optional IBM eServer zSeries\nOn-Demand Timer facility for reducing idle CPU overhead.\n\nThe following security issues were addressed in this update:\n\nA minor flaw was found where /proc/tty/driver/serial reveals\nthe exact character counts for serial links. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2003-0461 to this issue.\n\nThe kernel strncpy() function in Linux 2.4 and 2.5 does not\npad the target buffer with null bytes on architectures other\nthan x86, as opposed to the expected libc behavior, which\ncould lead to information leaks. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name\nCAN-2003-0465 to this issue.\n\nA minor data leak was found in two real time clock drivers\n(for /dev/rtc). The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name\nCAN-2003-0984 to this issue.\n\nA flaw in the R128 Direct Render Infrastructure (dri) driver\ncould allow local privilege escalation. This driver is part\nof the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0003 to this issue.\n\nA flaw in ncp_lookup() in ncpfs could allow local privilege\nescalation. The ncpfs module allows a system to mount\nvolumes of NetWare servers or print to NetWare printers and\nis in the kernel-unsupported package. The Common Vulnera-\nbilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0010 to this issue.\n\n(Note that the kernel-unsupported package contains drivers\nand other modules that are unsupported and therefore might\ncontain security problems that have not been addressed.)\n\nAll Red Hat Enterprise Linux 3 users are advised to upgrade\ntheir kernels to the packages associated with their machine\narchitectures and configurations as listed in this erratum.", "published": "2004-05-11T04:00:00", "modified": "2017-07-29T20:28:55", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2004:188", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2003-0461", "CVE-2003-0465", "CVE-2003-0984", "CVE-2004-0003", "CVE-2004-0010"], "lastseen": "2019-05-29T14:35:19", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 6.6, "vector": "NONE", "modified": "2019-05-29T14:35:19"}, "dependencies": {"references": [{"type": "nessus", "idList": ["REDHAT-RHSA-2004-188.NASL", "DEBIAN_DSA-482.NASL", "DEBIAN_DSA-479.NASL", "DEBIAN_DSA-491.NASL", "MANDRAKE_MDKSA-2004-015.NASL", "DEBIAN_DSA-480.NASL", "DEBIAN_DSA-481.NASL", "DEBIAN_DSA-489.NASL", "SUSE_SA_2004_005.NASL", "FEDORA_2003-047.NASL"]}, {"type": "cve", "idList": ["CVE-2003-0984", "CVE-2003-0465", "CVE-2003-0461", "CVE-2004-0010", "CVE-2004-0003"]}, {"type": "debian", "idList": ["DEBIAN:DSA-481-1:A392D", "DEBIAN:DSA-480-1:43C7F", "DEBIAN:DSA-491-1:38E6F", "DEBIAN:DSA-479-1:87BA2", "DEBIAN:DSA-489-1:DE4F1", "DEBIAN:DSA-482-1:BCAED", "DEBIAN:DSA-479-2:3E38D", "DEBIAN:DSA-495-1:D1996", "DEBIAN:DSA-358-1:BF347", "DEBIAN:DSA-423-1:85DBD"]}, {"type": "suse", "idList": ["SUSE-SA:2004:005", "SUSE-SA:2003:049"]}, {"type": "openvas", "idList": ["OPENVAS:53183", "OPENVAS:53685", "OPENVAS:53684", "OPENVAS:53682", "OPENVAS:53176", "OPENVAS:53683", "OPENVAS:53178", "OPENVAS:53708", "OPENVAS:53647", "OPENVAS:53122"]}, {"type": "redhat", "idList": ["RHSA-2004:106", "RHSA-2004:069", "RHSA-2004:044"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:6068", "SECURITYVULNS:DOC:4884"]}, {"type": "osvdb", "idList": ["OSVDB:9593", "OSVDB:3317", "OSVDB:10298", "OSVDB:3992", "OSVDB:3807"]}, {"type": "cert", "idList": ["VU:490620"]}], "modified": "2019-05-29T14:35:19"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "kernel", "packageVersion": "2.4.21-15.EL", "packageFilename": "kernel-2.4.21-15.EL.ia64.rpm", "operator": "lt"}]}, "lastseen": "2019-05-29T14:35:19", "differentElements": ["affectedPackage"], "edition": 3}], "viewCount": 2, "enchantments": {"score": {"value": 6.6, "vector": "NONE", "modified": "2019-08-13T18:45:15"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2003-0984", "CVE-2003-0465", "CVE-2003-0461", "CVE-2004-0010", "CVE-2004-0003"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2004-188.NASL", "DEBIAN_DSA-479.NASL", "DEBIAN_DSA-491.NASL", "DEBIAN_DSA-482.NASL", "DEBIAN_DSA-480.NASL", "DEBIAN_DSA-481.NASL", "MANDRAKE_MDKSA-2004-015.NASL", "DEBIAN_DSA-489.NASL", "SUSE_SA_2004_005.NASL", "FEDORA_2003-047.NASL"]}, {"type": "suse", "idList": ["SUSE-SA:2004:005", "SUSE-SA:2003:049"]}, {"type": "openvas", "idList": ["OPENVAS:53183", "OPENVAS:53685", "OPENVAS:53176", "OPENVAS:53682", "OPENVAS:53683", "OPENVAS:53684", "OPENVAS:53178", "OPENVAS:53708", "OPENVAS:53647", "OPENVAS:53122"]}, {"type": "debian", "idList": ["DEBIAN:DSA-481-1:A392D", "DEBIAN:DSA-480-1:43C7F", "DEBIAN:DSA-479-1:87BA2", "DEBIAN:DSA-489-1:DE4F1", "DEBIAN:DSA-491-1:38E6F", "DEBIAN:DSA-479-2:3E38D", "DEBIAN:DSA-482-1:BCAED", "DEBIAN:DSA-495-1:D1996", "DEBIAN:DSA-358-1:BF347", "DEBIAN:DSA-423-1:85DBD"]}, {"type": "redhat", "idList": ["RHSA-2004:106", "RHSA-2004:069", "RHSA-2004:044"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:6068", "SECURITYVULNS:DOC:4884"]}, {"type": "osvdb", "idList": ["OSVDB:9593", "OSVDB:3317", "OSVDB:10298", "OSVDB:3992", "OSVDB:3807"]}, {"type": "cert", "idList": ["VU:490620"]}], "modified": "2019-08-13T18:45:15"}, "vulnersScore": 6.6}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "arch": "x86_64", "packageName": "(kernel-source", "packageVersion": "2.4.21-15.EL", "packageFilename": "(kernel-source-2.4.21-15.EL.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "kernel-doc", "packageVersion": "2.4.21-15.EL", "packageFilename": "kernel-doc-2.4.21-15.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "kernel", "packageVersion": "2.4.21-15.EL", "packageFilename": "kernel-2.4.21-15.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "kernel-unsupported", "packageVersion": "2.4.21-15.EL", "packageFilename": "kernel-unsupported-2.4.21-15.EL.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "any", "arch": "ia64", "packageName": "kernel-source", "packageVersion": "2.4.21-15.EL", "packageFilename": "kernel-source-2.4.21-15.EL.ia64.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}
{"nessus": [{"lastseen": "2019-11-01T03:20:09", "bulletinFamily": "scanner", "description": "Updated kernel packages are now available as part of ongoing support\nand maintenance of Red Hat Enterprise Linux version 3. This is the\nsecond regular update.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nThis is the second regular kernel update to Red Hat Enterprise Linux\nversion 3. It contains several minor security fixes, many bug fixes,\ndevice driver updates, new hardware support, and the introduction of\nLinux Syscall Auditing support.\n\nThere were bug fixes in many different parts of the kernel, the bulk\nof which addressed unusual situations such as error handling, race\nconditions, and resource starvation. The combined effect of the\napproximately 140 fixes is a strong improvement in the reliability and\ndurability of Red Hat Enterprise Linux. Some of the key areas affected\nare disk drivers, network drivers, USB support, x86_64 and ppc64\nplatform support, ia64 32-bit emulation layer enablers, and the VM,\nNFS, IPv6, and SCSI subsystems.\n\nA significant change in the SCSI subsystem (the disabling of the\nscsi-affine-queue patch) should significantly improve SCSI disk driver\nperformance in many scenarios. There were 10 Bugzillas against SCSI\nperformance problems addressed by this change.\n\nThe following drivers have been upgraded to new versions :\n\nbonding ---- 2.4.1 cciss ------ 2.4.50.RH1 e1000 ------ 5.2.30.1-k1\nfusion ----- 2.05.11.03 ipr -------- 1.0.3 ips -------- 6.11.07\nmegaraid2 -- 2.10.1.1 qla2x00 ---- 6.07.02-RH1 tg3 -------- 3.1\nz90crypt --- 1.1.4\n\nThis update introduces support for the new Intel EM64T processor. A\nnew ", "modified": "2019-11-02T00:00:00", "id": "REDHAT-RHSA-2004-188.NASL", "href": "https://www.tenable.com/plugins/nessus/12494", "published": "2004-07-06T00:00:00", "title": "RHEL 3 : kernel (RHSA-2004:188)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:188. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(12494);\n script_version (\"1.30\");\n script_cvs_date(\"Date: 2019/10/25 13:36:10\");\n\n script_cve_id(\"CVE-2003-0461\", \"CVE-2003-0465\", \"CVE-2003-0984\", \"CVE-2003-1040\", \"CVE-2004-0003\", \"CVE-2004-0010\");\n script_xref(name:\"RHSA\", value:\"2004:188\");\n\n script_name(english:\"RHEL 3 : kernel (RHSA-2004:188)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages are now available as part of ongoing support\nand maintenance of Red Hat Enterprise Linux version 3. This is the\nsecond regular update.\n\nThe Linux kernel handles the basic functions of the operating system.\n\nThis is the second regular kernel update to Red Hat Enterprise Linux\nversion 3. It contains several minor security fixes, many bug fixes,\ndevice driver updates, new hardware support, and the introduction of\nLinux Syscall Auditing support.\n\nThere were bug fixes in many different parts of the kernel, the bulk\nof which addressed unusual situations such as error handling, race\nconditions, and resource starvation. The combined effect of the\napproximately 140 fixes is a strong improvement in the reliability and\ndurability of Red Hat Enterprise Linux. Some of the key areas affected\nare disk drivers, network drivers, USB support, x86_64 and ppc64\nplatform support, ia64 32-bit emulation layer enablers, and the VM,\nNFS, IPv6, and SCSI subsystems.\n\nA significant change in the SCSI subsystem (the disabling of the\nscsi-affine-queue patch) should significantly improve SCSI disk driver\nperformance in many scenarios. There were 10 Bugzillas against SCSI\nperformance problems addressed by this change.\n\nThe following drivers have been upgraded to new versions :\n\nbonding ---- 2.4.1 cciss ------ 2.4.50.RH1 e1000 ------ 5.2.30.1-k1\nfusion ----- 2.05.11.03 ipr -------- 1.0.3 ips -------- 6.11.07\nmegaraid2 -- 2.10.1.1 qla2x00 ---- 6.07.02-RH1 tg3 -------- 3.1\nz90crypt --- 1.1.4\n\nThis update introduces support for the new Intel EM64T processor. A\nnew 'ia32e' architecture has been created to support booting on\nplatforms based on either the original AMD Opteron CPU or the new\nIntel EM64T CPU. The existing 'x86_64' architecture has remained\noptimized for Opteron systems. Kernels for both types of systems are\nbuilt from the same x86_64-architecture sources and share a common\nkernel source RPM (kernel-source-2.4.21-15.EL.x86_64.rpm).\n\nOther highlights in this update include a major upgrade to the SATA\ninfrastructure, addition of IBM JS20 Power Blade support, and creation\nof an optional IBM eServer zSeries On-Demand Timer facility for\nreducing idle CPU overhead.\n\nThe following security issues were addressed in this update :\n\nA minor flaw was found where /proc/tty/driver/serial reveals the exact\ncharacter counts for serial links. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2003-0461\nto this issue.\n\nThe kernel strncpy() function in Linux 2.4 and 2.5 does not pad the\ntarget buffer with null bytes on architectures other than x86, as\nopposed to the expected libc behavior, which could lead to information\nleaks. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0465 to this issue.\n\nA minor data leak was found in two real time clock drivers (for\n/dev/rtc). The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2003-0984 to this issue.\n\nA flaw in the R128 Direct Render Infrastructure (dri) driver could\nallow local privilege escalation. This driver is part of the\nkernel-unsupported package. The Common Vulnera- bilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2004-0003 to this\nissue.\n\nA flaw in ncp_lookup() in ncpfs could allow local privilege\nescalation. The ncpfs module allows a system to mount volumes of\nNetWare servers or print to NetWare printers and is in the\nkernel-unsupported package. The Common Vulnera- bilities and Exposures\nproject (cve.mitre.org) has assigned the name CVE-2004-0010 to this\nissue.\n\n(Note that the kernel-unsupported package contains drivers and other\nmodules that are unsupported and therefore might contain security\nproblems that have not been addressed.)\n\nAll Red Hat Enterprise Linux 3 users are advised to upgrade their\nkernels to the packages associated with their machine architectures\nand configurations as listed in this erratum.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0461\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-0984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2003-1040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0003\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:188\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-smp-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-unsupported\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/08/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/05/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2003-0461\", \"CVE-2003-0465\", \"CVE-2003-0984\", \"CVE-2003-1040\", \"CVE-2004-0003\", \"CVE-2004-0010\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2004:188\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:188\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-doc-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-hugemem-unsupported-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"i686\", reference:\"kernel-smp-unsupported-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", cpu:\"x86_64\", reference:\"kernel-smp-unsupported-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-source-2.4.21-15.EL\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"kernel-unsupported-2.4.21-15.EL\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-doc / kernel-hugemem / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:25:38", "bulletinFamily": "scanner", "description": "Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.19 for the MIPS architecture. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems that will be fixed with this update :\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-491.NASL", "href": "https://www.tenable.com/plugins/nessus/15328", "published": "2004-09-29T00:00:00", "title": "Debian DSA-491-1 : linux-kernel-2.4.19-mips - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-491. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15328);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_bugtraq_id(9570, 9691, 9985, 10141, 10152);\n script_xref(name:\"DSA\", value:\"491\");\n\n script_name(english:\"Debian DSA-491-1 : linux-kernel-2.4.19-mips - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.19 for the MIPS architecture. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems that will be fixed with this update :\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts'o\n developed a correction for this.\n\n - CAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in\n the Sound Blaster driver in Linux. He also developed a\n correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\n Architecture stable (woody) unstable (sid) removed in sid \n source 2.4.19-4.woody2 2.4.25-3 2.4.19-11 \n mips 2.4.19-0.020911.1.woody4 2.4.25-0.040415.1 2.4.19-0.020911.8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-491\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel packages immediately, either with a Debian provided\nkernel or with a self compiled one.\n\n Vulnerability matrix for CAN-2004-0109\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.4.19 kernel-patch-2.4.19-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.19\", reference:\"2.4.19-4.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.19\", reference:\"2.4.19-0.020911.1.woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.19-r4k-ip22\", reference:\"2.4.19-0.020911.1.woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.19-r5k-ip22\", reference:\"2.4.19-0.020911.1.woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.19-mips\", reference:\"2.4.19-0.020911.1.woody4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.19\", reference:\"2.4.19-4.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"mips-tools\", reference:\"2.4.19-0.020911.1.woody4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:25:37", "bulletinFamily": "scanner", "description": "Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the PowerPC/apus and S/390\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update\n:\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-482.NASL", "href": "https://www.tenable.com/plugins/nessus/15319", "published": "2004-09-29T00:00:00", "title": "Debian DSA-482-1 : linux-kernel-2.4.17-apus+s390 - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-482. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15319);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_bugtraq_id(9570, 9691, 9985, 10141, 10152);\n script_xref(name:\"DSA\", value:\"482\");\n\n script_name(english:\"Debian DSA-482-1 : linux-kernel-2.4.17-apus+s390 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the PowerPC/apus and S/390\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update\n:\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts'o\n developed a correction for this.\n\n - CAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in\n the Sound Blaster driver in Linux. He also developed a\n correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed.\n\n Architecture stable (woody) unstable (sid) \n source 2.4.17-1woody3 2.4.25-3 \n powerpc/apus 2.4.17-5 2.4.25-2 \n s390 2.4.17-2.woody.4 2.4.25-2 (and probably 2.4.21-3)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-482\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel packages immediately, either with a Debian provided\nkernel or with a self compiled one.\n\n Vulnerability matrix for CAN-2004-0109\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.4.17 kernel-patch-2.4.17-apus kernel-patch-2.4.17-s390 kernel-image-2.4.17-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.17\", reference:\"2.4.17-1woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17\", reference:\"2.4.17-2.woody.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17-apus\", reference:\"2.4.17-5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-apus\", reference:\"2.4.17-5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-s390\", reference:\"2.4.17-2.woody.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-apus\", reference:\"2.4.17-5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.17-apus\", reference:\"2.4.17-5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.17-s390\", reference:\"0.0.20020816-0.woody.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.17\", reference:\"2.4.17-1woody3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:25:37", "bulletinFamily": "scanner", "description": "Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.18 for the alpha, i386 and powerpc\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update\n:\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-479.NASL", "href": "https://www.tenable.com/plugins/nessus/15316", "published": "2004-09-29T00:00:00", "title": "Debian DSA-479-1 : linux-kernel-2.4.18-alpha+i386+powerpc - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-479. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15316);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_bugtraq_id(9570, 9691, 9985, 10141, 10152);\n script_xref(name:\"DSA\", value:\"479\");\n\n script_name(english:\"Debian DSA-479-1 : linux-kernel-2.4.18-alpha+i386+powerpc - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.18 for the alpha, i386 and powerpc\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update\n:\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts'o\n developed a correction for this.\n\n - CAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in\n the Sound Blaster driver in Linux. He also developed a\n correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed. Kernel images in the unstable Debian\ndistribution (sid) will be fixed soon.\n\n Architecture stable (woody) unstable (sid) removed in sid \n source 2.4.18-14.3 2.4.25-3 -- \n alpha 2.4.18-15 soon -- \n i386 2.4.18-13 soon -- \n i386bf 2.4.18-5woody8 soon -- \n powerpc 2.4.18-1woody5 2.4.25-8 2.4.22\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-479\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel packages immediately, either with a Debian provided\nkernel or with a self compiled one.\n\n Vulnerability matrix for CAN-2004-0109\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.4.18 kernel-image-2.4.18-1-alpha kernel-image-2.4.18-1-i386 kernel-image-2.4.18-i386bf kernel-patch-2.4.18-powerpc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.18\", reference:\"2.4.18-14.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18\", reference:\"2.4.18-1woody5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-386\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-586tsc\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-686\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-686-smp\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-generic\", reference:\"2.4.18-15\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-k6\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-k7\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-1-smp\", reference:\"2.4.18-15\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-bf2.4\", reference:\"2.4.18-5woody8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-386\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-586tsc\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-686\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-686-smp\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-generic\", reference:\"2.4.18-15\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-k6\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-k7\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-1-smp\", reference:\"2.4.18-15\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-bf2.4\", reference:\"2.4.18-5woody8\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-newpmac\", reference:\"2.4.18-1woody5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-powerpc\", reference:\"2.4.18-1woody5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-powerpc-smp\", reference:\"2.4.18-1woody5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.18-powerpc\", reference:\"2.4.18-1woody5\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-386\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-686\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-k6\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-pcmcia-modules-2.4.18-1-k7\", reference:\"2.4.18-13\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.18\", reference:\"2.4.18-14.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:25:37", "bulletinFamily": "scanner", "description": "Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the MIPS and MIPSel\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update\n:\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-489.NASL", "href": "https://www.tenable.com/plugins/nessus/15326", "published": "2004-09-29T00:00:00", "title": "Debian DSA-489-1 : linux-kernel-2.4.17-mips+mipsel - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-489. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15326);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_bugtraq_id(9570, 9691, 9985, 10141, 10152);\n script_xref(name:\"DSA\", value:\"489\");\n\n script_name(english:\"Debian DSA-489-1 : linux-kernel-2.4.17-mips+mipsel - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the MIPS and MIPSel\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update\n:\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts'o\n developed a correction for this.\n\n - CAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in\n the Sound Blaster driver in Linux. He also developed a\n correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\n Architecture stable (woody) unstable (sid) removed in sid \n source 2.4.17-1woody3 2.4.25-3 2.4.19-11 \n mips 2.4.17-0.020226.2.woody6 2.4.25-0.040415.1 2.4.19-0.020911.8 \n mipsel 2.4.17-0.020226.2.woody6 2.4.25-0.040415.1 2.4.19-0.020911.9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-489\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel packages immediately, either with a Debian provided\nkernel or with a self compiled one.\n\n Vulnerability matrix for CAN-2004-0109\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-source-2.4.17 kernel-patch-2.4.17-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2002/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-doc-2.4.17\", reference:\"2.4.17-1woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17\", reference:\"2.4.17-0.020226.2.woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r3k-kn02\", reference:\"2.4.17-0.020226.2.woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r4k-ip22\", reference:\"2.4.17-0.020226.2.woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r4k-kn04\", reference:\"2.4.17-0.020226.2.woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-r5k-ip22\", reference:\"2.4.17-0.020226.2.woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-patch-2.4.17-mips\", reference:\"2.4.17-0.020226.2.woody6\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.17\", reference:\"2.4.17-1woody3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"mips-tools\", reference:\"2.4.17-0.020226.2.woody6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-03T12:18:09", "bulletinFamily": "scanner", "description": "The remote host is missing the patch for the advisory SuSE-SA:2004:005 (Linux Kernel).\n\n\nAnother bug in the Kernel", "modified": "2019-11-02T00:00:00", "id": "SUSE_SA_2004_005.NASL", "href": "https://www.tenable.com/plugins/nessus/13823", "published": "2004-07-25T00:00:00", "title": "SuSE-SA:2004:005: Linux Kernel", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SuSE-SA:2004:005\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude(\"compat.inc\");\n\nif(description)\n{\n script_id(13823);\n script_bugtraq_id(9570, 9690, 9691);\n script_version (\"1.20\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0075\", \"CVE-2004-0077\");\n \n name[\"english\"] = \"SuSE-SA:2004:005: Linux Kernel\";\n \n\n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SuSE-SA:2004:005 (Linux Kernel).\n\n\nAnother bug in the Kernel's do_mremap() function, which is unrelated to\nthe bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz.\nThe do_mremap() function of the Linux Kernel is used to manage\nVirtual Memory Areas (VMAs) which includes moving, removing and\nresizing of memory areas. To remove old memory areas do_mremap()\nuses the function du_munmap() without checking the return value.\nBy forcing do_munmap() to return an error the memory management of\na process can be tricked into moving page table entries from one VMA\nto another. The destination VMA may be protected by a different ACL\nwhich enables a local attacker to gain write access to previous read-only\npages.\nThe result will be local root access to the system.\n\nAdditionally to the bug mentioned above some other bugs were fixed\n(depending on architecture) that can cause local denial-of-service\nconditions:\n- Vicam USB driver: CVE-2004-0075\n+ denial-of-service due to problem while\ncopying data from user to kernel space\n- Direct Render Infrastructure: CVE-2004-0003\n+ denial-of-service due to integer overflow\n+ needs r128 card and console to be exploited\n- ncpfs/ncp_lookup: CVE-2004-0010\n+ buffer overflow with the probability to\ngain root\n- execve():\n+ malformed elf binaries can lead to a local\ndenial-of-service attack\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/2004_05_linux_kernel.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/07/25\");\n script_cvs_date(\"Date: 2019/10/25 13:36:27\");\n\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the Linux Kernel package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"k_deflt-2.4.21-189\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_athlon-2.4.21-189\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_psmp-2.4.21-189\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_smp-2.4.21-189\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-source-2.4.21-189\", release:\"SUSE8.1\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_deflt-2.4.20-105\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_athlon-2.4.20-105\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_psmp-2.4.20-105\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_smp-2.4.20-105\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-source-2.4.20.SuSE-104\", release:\"SUSE8.2\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_deflt-2.4.21-192\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_smp-2.4.21-192\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_smp4G-2.4.21-192\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_um-2.4.21-192\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"k_athlon-2.4.21-192\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif ( rpm_check( reference:\"kernel-source-2.4.21-192\", release:\"SUSE9.0\") )\n{\n security_hole(0);\n exit(0);\n}\nif (rpm_exists(rpm:\"Linux Kernel-\", release:\"SUSE8.1\")\n || rpm_exists(rpm:\"Linux Kernel-\", release:\"SUSE8.2\")\n || rpm_exists(rpm:\"Linux Kernel-\", release:\"SUSE9.0\") )\n{\n set_kb_item(name:\"CVE-2004-0003\", value:TRUE);\n set_kb_item(name:\"CVE-2004-0010\", value:TRUE);\n set_kb_item(name:\"CVE-2004-0075\", value:TRUE);\n set_kb_item(name:\"CVE-2004-0077\", value:TRUE);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:25:37", "bulletinFamily": "scanner", "description": "Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the IA-64 architecture. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems that will be fixed with this update :\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-481.NASL", "href": "https://www.tenable.com/plugins/nessus/15318", "published": "2004-09-29T00:00:00", "title": "Debian DSA-481-1 : linux-kernel-2.4.17-ia64 - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-481. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15318);\n script_version(\"1.21\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_bugtraq_id(10152);\n script_xref(name:\"DSA\", value:\"481\");\n\n script_name(english:\"Debian DSA-481-1 : linux-kernel-2.4.17-ia64 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the IA-64 architecture. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems that will be fixed with this update :\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts'o\n developed a correction for this.\n\n - CAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in\n the Sound Blaster driver in Linux. He also developed a\n correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-481\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel packages immediately, either with a Debian provided\nkernel or with a self compiled one.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 011226.17 for Linux 2.4.17.\n\n Vulnerability matrix for CAN-2004-0109\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-2.4.17-ia64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17-ia64\", reference:\"011226.17\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-itanium\", reference:\"011226.17\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-itanium-smp\", reference:\"011226.17\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-mckinley\", reference:\"011226.17\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-mckinley-smp\", reference:\"011226.17\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.17-ia64\", reference:\"011226.17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:25:37", "bulletinFamily": "scanner", "description": "Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 and 2.4.18 for the hppa\n(PA-RISC) architecture. The Common Vulnerabilities and Exposures\nproject identifies the following problems that will be fixed with this\nupdate :\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts", "modified": "2019-11-02T00:00:00", "id": "DEBIAN_DSA-480.NASL", "href": "https://www.tenable.com/plugins/nessus/15317", "published": "2004-09-29T00:00:00", "title": "Debian DSA-480-1 : linux-kernel-2.4.17+2.4.18-hppa - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-480. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15317);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2019/08/02 13:32:18\");\n\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_bugtraq_id(10152);\n script_xref(name:\"DSA\", value:\"480\");\n\n script_name(english:\"Debian DSA-480-1 : linux-kernel-2.4.17+2.4.18-hppa - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 and 2.4.18 for the hppa\n(PA-RISC) architecture. The Common Vulnerabilities and Exposures\nproject identifies the following problems that will be fixed with this\nupdate :\n\n - CAN-2004-0003\n A vulnerability has been discovered in the R128 DRI\n driver in the Linux kernel which could potentially lead\n an attacker to gain unauthorised privileges. Alan Cox\n and Thomas Biege developed a correction for this.\n\n - CAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer\n overflow in the ncp_lookup function for ncpfs in the\n Linux kernel, which could lead an attacker to gain\n unauthorised privileges. Petr Vandrovec developed a\n correction for this.\n\n - CAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in\n the ISO9660 filesystem component of Linux kernel which\n could be abused by an attacker to gain unauthorised root\n access. Sebastian Krahmer and Ernie Petrides developed a\n correction for this.\n\n - CAN-2004-0177\n\n Solar Designer discovered an information leak in the\n ext3 code of Linux. In a worst case an attacker could\n read sensitive data such as cryptographic keys which\n would otherwise never hit disk media. Theodore Ts'o\n developed a correction for this.\n\n - CAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in\n the Sound Blaster driver in Linux. He also developed a\n correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-480\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kernel packages immediately, either with a Debian provided\nkernel or with a self compiled one.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 32.4 for Linux 2.4.17 and in version 62.3 for Linux 2.4.18.\n\n Vulnerability matrix for CAN-2004-0109\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-2.4.17-hppa kernel-image-2.4.18-hppa\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.17-hppa\", reference:\"32.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-headers-2.4.18-hppa\", reference:\"62.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-32\", reference:\"32.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-32-smp\", reference:\"32.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-64\", reference:\"32.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.17-64-smp\", reference:\"32.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-32\", reference:\"62.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-32-smp\", reference:\"62.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-64\", reference:\"62.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-image-2.4.18-64-smp\", reference:\"62.3\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.17-hppa\", reference:\"32.4\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"kernel-source-2.4.18-hppa\", reference:\"62.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:54:55", "bulletinFamily": "scanner", "description": "Paul Staretz discovered a flaw in return value checking in the\nmremap() function in the Linux kernel, versions 2.4.24 and previous\nthat could allow a local user to obtain root privileges.\n\nA vulnerability was found in the R128 DRI driver by Alan Cox. This\ncould allow local privilege escalation.\n\nA flaw in the ncp_lookup() function in the ncpfs code (which is used\nto mount NetWare volumes or print to NetWare printers) was found by\nArjen van de Ven that could allow local privilege escalation.\n\nThe Vicam USB driver in Linux kernel versions prior to 2.4.25 does not\nuse the copy_from_user function to access userspace, which crosses\nsecurity boundaries. This problem does not affect the Mandrake Linux\n9.2 kernel.\n\nAdditionally, a ptrace hole that only affects the amd64/x86_64\nplatform has been corrected.\n\nThe provided packages are patched to fix these vulnerabilities. All\nusers are encouraged to upgrade to these updated kernels.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandrakesecure.net/en/kernelupdate.php", "modified": "2019-11-02T00:00:00", "id": "MANDRAKE_MDKSA-2004-015.NASL", "href": "https://www.tenable.com/plugins/nessus/14115", "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : kernel (MDKSA-2004:015)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:015. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(14115);\n script_version (\"1.22\");\n script_cvs_date(\"Date: 2019/10/16 10:34:21\");\n\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0075\", \"CVE-2004-0077\");\n script_xref(name:\"MDKSA\", value:\"2004:015\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kernel (MDKSA-2004:015)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Paul Staretz discovered a flaw in return value checking in the\nmremap() function in the Linux kernel, versions 2.4.24 and previous\nthat could allow a local user to obtain root privileges.\n\nA vulnerability was found in the R128 DRI driver by Alan Cox. This\ncould allow local privilege escalation.\n\nA flaw in the ncp_lookup() function in the ncpfs code (which is used\nto mount NetWare volumes or print to NetWare printers) was found by\nArjen van de Ven that could allow local privilege escalation.\n\nThe Vicam USB driver in Linux kernel versions prior to 2.4.25 does not\nuse the copy_from_user function to access userspace, which crosses\nsecurity boundaries. This problem does not affect the Mandrake Linux\n9.2 kernel.\n\nAdditionally, a ptrace hole that only affects the amd64/x86_64\nplatform has been corrected.\n\nThe provided packages are patched to fix these vulnerabilities. All\nusers are encouraged to upgrade to these updated kernels.\n\nTo update your kernel, please follow the directions located at :\n\nhttp://www.mandrakesecure.net/en/kernelupdate.php\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.19.38mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.21.0.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-2.4.22.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.19.38mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.22.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.4.22.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.4.22.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.19.38mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.21.0.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-secure-2.4.22.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.19.38mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.21.0.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-smp-2.4.22.28mdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-2.4.19.38mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.19.38mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-secure-2.4.19.38mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-smp-2.4.19.38mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.0\", cpu:\"i386\", reference:\"kernel-source-2.4.19-38mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-2.4.21.0.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.21.0.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-secure-2.4.21.0.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-smp-2.4.21.0.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"kernel-source-2.4.21-0.28mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-2.4.22.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"kernel-enterprise-2.4.22.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"kernel-i686-up-4GB-2.4.22.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"kernel-p3-smp-64GB-2.4.22.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-secure-2.4.22.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-smp-2.4.22.28mdk-1-1mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"kernel-source-2.4.22-28mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-01T02:26:27", "bulletinFamily": "scanner", "description": "Various RTC drivers had the potential to leak small amounts of kernel\nmemory to userspace through IOCTL", "modified": "2019-11-02T00:00:00", "id": "FEDORA_2003-047.NASL", "href": "https://www.tenable.com/plugins/nessus/13670", "published": "2004-07-23T00:00:00", "title": "Fedora Core 1 : kernel-2.4.22-1.2140.nptl (2003-047)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2003-047.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(13670);\n script_version (\"1.18\");\n script_cvs_date(\"Date: 2019/08/02 13:32:23\");\n\n script_cve_id(\"CVE-2003-0984\");\n script_xref(name:\"FEDORA\", value:\"2003-047\");\n\n script_name(english:\"Fedora Core 1 : kernel-2.4.22-1.2140.nptl (2003-047)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Various RTC drivers had the potential to leak small amounts of kernel\nmemory to userspace through IOCTL's. \n\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2003-0984 to this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2004-January/000033.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?07bc9e7f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-BOOT\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 1.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC1\", cpu:\"i386\", reference:\"kernel-2.4.22-1.2140.nptl\")) flag++;\nif (rpm_check(release:\"FC1\", cpu:\"i386\", reference:\"kernel-BOOT-2.4.22-1.2140.nptl\")) flag++;\nif (rpm_check(release:\"FC1\", cpu:\"i386\", reference:\"kernel-debuginfo-2.4.22-1.2140.nptl\")) flag++;\nif (rpm_check(release:\"FC1\", cpu:\"i386\", reference:\"kernel-doc-2.4.22-1.2140.nptl\")) flag++;\nif (rpm_check(release:\"FC1\", cpu:\"i386\", reference:\"kernel-smp-2.4.22-1.2140.nptl\")) flag++;\nif (rpm_check(release:\"FC1\", cpu:\"i386\", reference:\"kernel-source-2.4.22-1.2140.nptl\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-BOOT / kernel-debuginfo / kernel-doc / kernel-smp / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2019-05-29T18:07:57", "bulletinFamily": "NVD", "description": "Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.", "modified": "2017-10-11T01:29:00", "id": "CVE-2003-0984", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0984", "published": "2004-01-05T05:00:00", "title": "CVE-2003-0984", "type": "cve", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:07:57", "bulletinFamily": "NVD", "description": "The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.", "modified": "2017-10-11T01:29:00", "id": "CVE-2003-0465", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0465", "published": "2003-08-18T04:00:00", "title": "CVE-2003-0465", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:07:57", "bulletinFamily": "NVD", "description": "/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.", "modified": "2017-10-11T01:29:00", "id": "CVE-2003-0461", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0461", "published": "2003-08-27T04:00:00", "title": "CVE-2003-0461", "type": "cve", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:08:02", "bulletinFamily": "NVD", "description": "Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.", "modified": "2017-10-11T01:29:00", "id": "CVE-2004-0010", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0010", "published": "2004-03-03T05:00:00", "title": "CVE-2004-0010", "type": "cve", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:08:02", "bulletinFamily": "NVD", "description": "Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to \"R128 DRI limits checking.\"", "modified": "2017-10-11T01:29:00", "id": "CVE-2004-0003", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0003", "published": "2004-03-03T05:00:00", "title": "CVE-2004-0003", "type": "cve", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:21:57", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 481-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 14th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-image-2.4.17-ia64\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the IA-64 architecture.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems that will be fixed with this update:\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case an attacker could read sensitive data such\n as cryptographic keys which would otherwise never hit disk media.\n Theodore Ts'o developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction for this.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 011226.17 for Linux 2.4.17.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 2.4.25-5 for Linux 2.4.25 and in version 2.6.5-1 for Linux\n2.6.5.\n\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.17.dsc\n Size/MD5 checksum: 736 2f8bdbd5d82c972dee55ae3eb3051ebf\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.17.tar.gz\n Size/MD5 checksum: 25407685 a4f251ad4275ee197e3f5b3aa76c45c9\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-source-2.4.17-ia64_011226.17_all.deb\n Size/MD5 checksum: 24730726 c6133857bb4423ecec496517f212da70\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-headers-2.4.17-ia64_011226.17_ia64.deb\n Size/MD5 checksum: 3635930 ee77880f4ae85e0850115788e0bc18e6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium_011226.17_ia64.deb\n Size/MD5 checksum: 7020714 942615101e2eb34833f53fa6eb7713d2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium-smp_011226.17_ia64.deb\n Size/MD5 checksum: 7169180 04d65a0c0eae8b01488383ada809a936\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley_011226.17_ia64.deb\n Size/MD5 checksum: 7011536 5388a3be55dfe67c54355d6974f26400\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley-smp_011226.17_ia64.deb\n Size/MD5 checksum: 7161438 7fca8b5dbaf833e15810acde2ad678de\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-14T00:00:00", "published": "2004-04-14T00:00:00", "id": "DEBIAN:DSA-481-1:A392D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00079.html", "title": "[SECURITY] [DSA 481-1] New Linux 2.4.17 packages fix local root exploit (ia64)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:02", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 482-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 14th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.17 kernel-patch-2.4.17-apus kernel-patch-2.4.17-s390 kernel-image-2.4.17-s390\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the PowerPC/apus and S/390\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update:\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case an attacker could read sensitive data such\n as cryptographic keys which would otherwise never hit disk media.\n Theodore Ts'o developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction for this.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed.\n\nArchitecture stable (woody) unstable (sid)\nsource 2.4.17-1woody3 2.4.25-3\npowerpc/apus 2.4.17-5 2.4.25-2\ns390 2.4.17-2.woody.4 2.4.25-2 (and probably 2.4.21-3)\n\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody3.dsc\n Size/MD5 checksum: 690 222d67d058984eef34ef3af56ad82720\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody3.diff.gz\n Size/MD5 checksum: 41918 dce13eeca598d548e390a72fed76728f\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17.orig.tar.gz\n Size/MD5 checksum: 29445154 d5de2a4dc49e32c37e557ef856d5d132\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-5.dsc\n Size/MD5 checksum: 673 f7a70b5e604e74feedba42eb41608a13\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-5.tar.gz\n Size/MD5 checksum: 490001 54f9f6b973b4c945d548510290cb122a\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.3.dsc\n Size/MD5 checksum: 754 d9b64c461d849aeab5a1bb71322f14ec\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.3.diff.gz\n Size/MD5 checksum: 6254 85fd6863f93bfa474b854f4dfbda4034\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816.orig.tar.gz\n Size/MD5 checksum: 338001 5979fbe7c3325033536dfd3914e22dbd\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.4.dsc\n Size/MD5 checksum: 799 51d3be5adf8d79e3a0f3045f2235c52a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.4.tar.gz\n Size/MD5 checksum: 8289 9b02431ce5f6741183b2614d5d9f9f4a\n\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-doc-2.4.17_2.4.17-1woody3_all.deb\n Size/MD5 checksum: 1720294 3b6e8a510996bebd066d1cda8bac41eb\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody3_all.deb\n Size/MD5 checksum: 23880582 542792a28d1fc90844f9b51abe84f90e\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-s390/kernel-patch-2.4.17-s390_0.0.20020816-0.woody.3_all.deb\n Size/MD5 checksum: 300768 c8116357d604508ff0e50cc8295005f0\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-headers-2.4.17-apus_2.4.17-5_powerpc.deb\n Size/MD5 checksum: 3366150 3331dac5b42b3cd42e0dcdc7ad574f60\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-2.4.17-apus_2.4.17-5_powerpc.deb\n Size/MD5 checksum: 2211544 f24006c8b07774bccb2ad22af4f95465\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-image-apus_2.4.17-5_powerpc.deb\n Size/MD5 checksum: 4498 89ac0312fa91e6911ed366dd22bef2b9\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-apus/kernel-patch-2.4.17-apus_2.4.17-5_powerpc.deb\n Size/MD5 checksum: 490786 228a12c3a523f86f089121dca964bac7\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-headers-2.4.17_2.4.17-2.woody.4_s390.deb\n Size/MD5 checksum: 3335728 14f64e559f9ccb97876df9a0248b8069\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-s390/kernel-image-2.4.17-s390_2.4.17-2.woody.4_s390.deb\n Size/MD5 checksum: 1343254 25bad4dcb964e713467344bf8a5fd31f\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-14T00:00:00", "published": "2004-04-14T00:00:00", "id": "DEBIAN:DSA-482-1:BCAED", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00080.html", "title": "[SECURITY] [DSA 482-1] New Linux 2.4.17 packages fix local root exploit (source+powerpc/apus+s390)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:21", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 479-2 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 14th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-image-2.4.18-1-i386\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.18 for the i386 architecture.\nThis advisory replaces the i386 part of DSA 479-1 (except for the\ni386bf part). An unfortunate build error caused some of the kernel\npackages in DSA 479-1 to be broken. They are updated with this\nadvisory. For completeness below is the original advisory text:\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems that will be fixed with this update:\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case an attacker could read sensitive data such\n as cryptographic keys which would otherwise never hit disk media.\n Theodore Ts'o developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitecture are already fixed. Kernel images in the unstable Debian\ndistribution (sid) will be fixed soon.\n\nArchitecture stable (woody) unstable (sid) removed in sid\nsource 2.4.18-14.3 2.4.25-3 --\nalpha 2.4.18-15 soon --\ni386 2.4.18-13.1 soon --\ni386bf 2.4.18-5woody8 soon --\npowerpc 2.4.18-1woody5 2.4.25-8 2.4.22\n\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.1.dsc\n Size/MD5 checksum: 1193 c5bea6e9e74b7bb8bf2dd6216cf1541d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.1.tar.gz\n Size/MD5 checksum: 70555 035a589ccba3168c3d72d383bbec5dab\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 3413448 1b9c7a124b6411a0fcf6cc5778171a66\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 3504660 6696636adee7b176ab825d81e9165e4b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 3506488 b4106b490093484664c43852856fa8bb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 3505952 76dae7ea3d3101b360fb6698330c3398\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 3507012 4781cdd4b619bf98c3ad4f4161846d18\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 3506524 acc9deaf495f503d46914277197fbc77\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 3506410 42db7812cd1761f290166ab150b14adf\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 8798542 4a7e3724d38ff8d7b933e7a6f6bec4d5\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 8704574 0030a2640f9d718cd7c41940a38eae34\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 8704946 326af5dd4d0435cc3f63469f820ed42a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 8959734 486ac57669b4fc210093b27588644423\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 8660568 088f65b9b009fa3627219ba948a86d89\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 8863282 235d52f69077f021308ef60284bfc384\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 229040 8e22be3a469155ce4e7467c1ae4d0bfb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 228596 f505d3c1b47b335bf7ab6da711f20867\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 228056 d48d609916ccf68d5c070e3f67e49a37\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 231696 7080fb38ee24c31440bb29895ed926e6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 227698 10d849de08330f6031d56412410d80c3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-13.1_i386.deb\n Size/MD5 checksum: 230956 3a274e8913ad16a8dc53a53e5c43f14b\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-14T00:00:00", "published": "2004-04-14T00:00:00", "id": "DEBIAN:DSA-479-2:3E38D", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00082.html", "title": "[SECURITY] [DSA 479-2] New Linux 2.4.18 packages fix local root exploit (i386)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:26", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 479-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 14th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.18 kernel-image-2.4.18-1-alpha kernel-image-2.4.18-1-i386 kernel-image-2.4.18-i386bf kernel-patch-2.4.18-powerpc\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.18 for the alpha, i386 and powerpc\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update:\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case an attacker could read sensitive data such\n as cryptographic keys which would otherwise never hit disk media.\n Theodore Ts'o developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitecture are already fixed. Kernel images in the unstable Debian\ndistribution (sid) will be fixed soon.\n\nArchitecture stable (woody) unstable (sid) removed in sid\nsource 2.4.18-14.3 2.4.25-3 --\nalpha 2.4.18-15 soon --\ni386 2.4.18-13 soon --\ni386bf 2.4.18-5woody8 soon --\npowerpc 2.4.18-1woody5 2.4.25-8 2.4.22\n\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3.dsc\n Size/MD5 checksum: 664 a9d96cc8553c3a9085bad09e071c5814\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3.diff.gz\n Size/MD5 checksum: 70724 4de077af92c196a6af7797d1ceea4004\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz\n Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15.dsc\n Size/MD5 checksum: 876 453a2a47eb3c6b748e75e0cb65bdd6bb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15.tar.gz\n Size/MD5 checksum: 24922 f822e7999659ddcfd53dee73894afdc1\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.dsc\n Size/MD5 checksum: 1327 d37593f6e47c2b9809530eb54deeae3e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.tar.gz\n Size/MD5 checksum: 70213 c795ba781adbd8a19202d8d986a3d0da\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody8.dsc\n Size/MD5 checksum: 656 278af48a357187864c52382eeb13451d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody8.tar.gz\n Size/MD5 checksum: 26780 1f0c2eba8d3d90eef1a183f6b27f1fff\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5.dsc\n Size/MD5 checksum: 713 77511f3afefed1dd71c1f73e2e036000\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5.tar.gz\n Size/MD5 checksum: 79970 2720d9864cdd05bfc6b3bd7228ca9083\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.3_all.deb\n Size/MD5 checksum: 1720106 f25772ce2d398adc25509a1ae040c76f\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3_all.deb\n Size/MD5 checksum: 24138244 d63666d64cb91f59f2feded30ef8ea70\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5_all.deb\n Size/MD5 checksum: 79722 d822eaa6adcdd517d600d62c819db7b6\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-15_alpha.deb\n Size/MD5 checksum: 3363486 862f6e8f85737dd13c6ca9b760384f1a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-15_alpha.deb\n Size/MD5 checksum: 3512910 935ef424b222d336a642b2e7cd291e4a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-15_alpha.deb\n Size/MD5 checksum: 3515528 6ef19a362ec019e79fdb057fea1c9fc2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-15_alpha.deb\n Size/MD5 checksum: 12424690 725ff255cf8941cfb5c77581d8a518d4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-15_alpha.deb\n Size/MD5 checksum: 12801130 8d15f05215223ffcf9b11b3f682667d3\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-13_i386.deb\n Size/MD5 checksum: 3429534 1aac0648c6f5fdee84721799806ef07a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-13_i386.deb\n Size/MD5 checksum: 3446290 a13776eb95c3661696f86e06a6dbac48\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-13_i386.deb\n Size/MD5 checksum: 3446482 233230438756120878a4e4b96876e61b\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-13_i386.deb\n Size/MD5 checksum: 3446444 b5f8437bfd3279ed3f4b2f63fc2d75f5\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-13_i386.deb\n Size/MD5 checksum: 3446458 6dbbfba03667156316b184bd939d21e2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-13_i386.deb\n Size/MD5 checksum: 3446350 ff76c153c3eb285b1f7b035223bc1e39\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-13_i386.deb\n Size/MD5 checksum: 3446324 dc2a142c75db787fdeb8a0c8e8941d1a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-13_i386.deb\n Size/MD5 checksum: 1154336 96f1e8262a5b11a8498d70643e87f546\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-13_i386.deb\n Size/MD5 checksum: 1154362 8b4bc947b6ab39a2deb0731f891889f3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-13_i386.deb\n Size/MD5 checksum: 1154358 a6e7db160b30f90711be11260128a6bb\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-13_i386.deb\n Size/MD5 checksum: 1154414 cde845ca2c7b351ce79b66965a04a748\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-13_i386.deb\n Size/MD5 checksum: 1154338 407aa3a3a95aa5cd8aaf5b34b306b1a4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-13_i386.deb\n Size/MD5 checksum: 1154342 152aca9d4a2d7014a9834c239d754d0e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-13_i386.deb\n Size/MD5 checksum: 5746 9a5675e9da37620b2b3c8dc1aebfa5d0\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-13_i386.deb\n Size/MD5 checksum: 5758 325071afd718f4c0c1ba8769aba9864d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-13_i386.deb\n Size/MD5 checksum: 5778 212f47c992067729e8eb3da05c89c242\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-13_i386.deb\n Size/MD5 checksum: 5804 683e3a330cfde650ede99e8a6a771149\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-13_i386.deb\n Size/MD5 checksum: 5760 8a73b13a799928232f5028be37356ad2\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-13_i386.deb\n Size/MD5 checksum: 5762 be2713125a6111ab76458e07d42f3634\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody8_i386.deb\n Size/MD5 checksum: 3411032 c97ea4fcff846ac6d0dc945d601cb97c\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody8_i386.deb\n Size/MD5 checksum: 6425640 83dc812db817e703eaa21451d048f4f7\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody5_powerpc.deb\n Size/MD5 checksum: 3433044 0836b0d1fbcc5c9f440d5c75ff14f006\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody5_powerpc.deb\n Size/MD5 checksum: 9456688 4473c2577d3be988993219b82ed90eda\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody5_powerpc.deb\n Size/MD5 checksum: 10105472 ae0b1d57bfc8593d9aa4ad1403044607\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody5_powerpc.deb\n Size/MD5 checksum: 10351786 f84fe609d7192a51c4f091c1c0893680\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-14T00:00:00", "published": "2004-04-14T00:00:00", "id": "DEBIAN:DSA-479-1:87BA2", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00077.html", "title": "[SECURITY] [DSA 479-1] New Linux 2.4.18 packages fix local root exploit (source+alpha+i386+powerpc)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:16", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 491-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 17th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.19 kernel-patch-2.4.19-mips\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the MIPS architecture. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems that will be fixed with this update:\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case an attacker could read sensitive data such\n as cryptographic keys which would otherwise never hit disk media.\n Theodore Ts'o developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and future\nversions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\nArchitecture stable (woody) unstable (sid) remove in sid\nsource 2.4.19-4.woody2 2.4.25-3 2.4.19-11\nmips 2.4.19-0.020911.1.woody4 2.4.25-0.040415.1 2.4.19-0.020911.8\nh\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody2.dsc\n Size/MD5 checksum: 672 9860f430fe435100c103a42c7b5dbc66\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody2.diff.gz\n Size/MD5 checksum: 47625 cc802c42472c637de501dde07df7cec8\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19.orig.tar.gz\n Size/MD5 checksum: 32000211 237896fbb45ae652cc9c5cecc9b746da\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody4.dsc\n Size/MD5 checksum: 792 a21174ff774b45160cf3f714ea1ec226\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody4.tar.gz\n Size/MD5 checksum: 1032076 96e1ae069ef39afbdae505edc6f11375\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-doc-2.4.19_2.4.19-4.woody2_all.deb\n Size/MD5 checksum: 1783144 deaa1a0705f5f334ebbc60734b6bc2c7\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.19/kernel-source-2.4.19_2.4.19-4.woody2_all.deb\n Size/MD5 checksum: 25895130 f42c8c0b27e644d024e33738a5c87863\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-patch-2.4.19-mips_2.4.19-0.020911.1.woody4_all.deb\n Size/MD5 checksum: 1032600 c7ec4194385c7ee8601c7f4c87490d2f\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-headers-2.4.19_2.4.19-0.020911.1.woody4_mips.deb\n Size/MD5 checksum: 3894818 a2277f0f0f386754f129bac5f9f79af9\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r4k-ip22_2.4.19-0.020911.1.woody4_mips.deb\n Size/MD5 checksum: 2075552 c47eb88aa359b8b5613e24256d23ce96\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/kernel-image-2.4.19-r5k-ip22_2.4.19-0.020911.1.woody4_mips.deb\n Size/MD5 checksum: 2075960 a9a95f93c8dacac25dd45878b520ff37\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.19-mips/mips-tools_2.4.19-0.020911.1.woody4_mips.deb\n Size/MD5 checksum: 13114 4b8f0c9fbf91dcc093ac59087b016208\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-17T00:00:00", "published": "2004-04-17T00:00:00", "id": "DEBIAN:DSA-491-1:38E6F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00091.html", "title": "[SECURITY] [DSA 491-1] New Linux 2.4.19 packages fix local root exploit (mips)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:37", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 489-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 17th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.17 kernel-patch-2.4.17-mips\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the PowerPC/apus and S/390\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update:\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case an attacker could read sensitive data such\n as cryptographic keys which would otherwise never hit disk media.\n Theodore Ts'o developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and future\nversions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\nArchitecture stable (woody) unstable (sid) remove in sid\nsource 2.4.17-1woody3 2.4.25-3 2.4.19-11\nmips 2.4.17-0.020226.2.woody6 fixed soon 2.4.19-0.020911.8\nmipsel 2.4.17-0.020226.2.woody6 2.4.25-0.040415.1 2.4.19-0.020911.9\n\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody3.dsc\n Size/MD5 checksum: 690 222d67d058984eef34ef3af56ad82720\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody3.diff.gz\n Size/MD5 checksum: 41918 dce13eeca598d548e390a72fed76728f\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17.orig.tar.gz\n Size/MD5 checksum: 29445154 d5de2a4dc49e32c37e557ef856d5d132\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody6.dsc\n Size/MD5 checksum: 805 2076a7b98736825eb39bf5bc8eba23d2\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody6.tar.gz\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-doc-2.4.17_2.4.17-1woody3_all.deb\n Size/MD5 checksum: 1720294 3b6e8a510996bebd066d1cda8bac41eb\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.17/kernel-source-2.4.17_2.4.17-1woody3_all.deb\n Size/MD5 checksum: 23880582 542792a28d1fc90844f9b51abe84f90e\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-patch-2.4.17-mips_2.4.17-0.020226.2.woody6_all.deb\n Size/MD5 checksum: 1149360 9e6755113b2f9aa136cb7a661ff17953\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody6_mips.deb\n Size/MD5 checksum: 3475460 5fd4b0778c297c49009ece259b417f22\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-ip22_2.4.17-0.020226.2.woody6_mips.deb\n Size/MD5 checksum: 2042058 a15d8dad4f6d3a0ca8f32bca87a153b3\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r5k-ip22_2.4.17-0.020226.2.woody6_mips.deb\n Size/MD5 checksum: 2042102 f9cc1ae2e4d53f0a017a842580823a34\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-headers-2.4.17_2.4.17-0.020226.2.woody6_mipsel.deb\n Size/MD5 checksum: 3474878 26731e041b80cfeb5bc609cf6f2b20a1\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r3k-kn02_2.4.17-0.020226.2.woody6_mipsel.deb\n Size/MD5 checksum: 2197528 b2cefc4f87ee78a1c146a4e428b2d44c\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/kernel-image-2.4.17-r4k-kn04_2.4.17-0.020226.2.woody6_mipsel.deb\n Size/MD5 checksum: 2193620 0cf8429a531c6eb29cdc34b4e343d9ac\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.17-mips/mips-tools_2.4.17-0.020226.2.woody6_mipsel.deb\n Size/MD5 checksum: 15394 7f2ad07ae6daa9de0db7d45cdc83ee59\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-17T00:00:00", "published": "2004-04-17T00:00:00", "id": "DEBIAN:DSA-489-1:DE4F1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00089.html", "title": "[SECURITY] [DSA 489-1] New Linux 2.4.17 packages fix local root exploit (mips+mipsel)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:23:08", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 480-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 14th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-image-2.4.17-hppa kernel-image-2.4.18-hppa\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 and 2.4.18 for the hppa\n(PA-RISC) architecture. The Common Vulnerabilities and Exposures\nproject identifies the following problems that will be fixed with this\nupdate:\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case an attacker could read sensitive data such\n as cryptographic keys which would otherwise never hit disk media.\n Theodore Ts'o developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction for this.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 32.4 for Linux 2.4.17 and in version 62.3 for Linux 2.4.18.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.4.dsc\n Size/MD5 checksum: 713 d6e475210d87586fafc91e1d557a1a81\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-hppa_32.4.tar.gz\n Size/MD5 checksum: 29958654 8357b4f2946cd1256a0ddf51395aaa1b\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-image-2.4.18-hppa_62.3.dsc\n Size/MD5 checksum: 713 a7dd8816219af9d8af30e0dd5d4933ae\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-image-2.4.18-hppa_62.3.tar.gz\n Size/MD5 checksum: 30341920 73ebcb15f4e1245792af77ab2edc8133\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-source-2.4.17-hppa_32.4_all.deb\n Size/MD5 checksum: 24111814 32a7c5a4b9b7f56f76a3810ee1c671bd\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-source-2.4.18-hppa_62.3_all.deb\n Size/MD5 checksum: 24403622 c5600ecd5365f4699e3937328536d997\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-headers-2.4.17-hppa_32.4_hppa.deb\n Size/MD5 checksum: 3531374 1ace6b1a6f1575bb05cfa38eef8ae28e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32_32.4_hppa.deb\n Size/MD5 checksum: 2738008 7460b70d3551740b099f47cc00f75a9a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-32-smp_32.4_hppa.deb\n Size/MD5 checksum: 2870152 3012e161b10a40ef75b5ca7dc99f646a\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64_32.4_hppa.deb\n Size/MD5 checksum: 3024374 dc9b851d809cbe09e4d4db58c905c8a8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-hppa/kernel-image-2.4.17-64-smp_32.4_hppa.deb\n Size/MD5 checksum: 3165848 b6b8cbf7f48fbf729c859350c7d09e11\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-headers-2.4.18-hppa_62.3_hppa.deb\n Size/MD5 checksum: 3545648 cdc19e048e49678e4f42bef608a24461\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-image-2.4.18-32_62.3_hppa.deb\n Size/MD5 checksum: 2763774 f51ec93fcb6101a2e3ecf4d9767237c8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-image-2.4.18-32-smp_62.3_hppa.deb\n Size/MD5 checksum: 2903956 88e4ca002820f71fcc5101762f8b24e4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-image-2.4.18-64_62.3_hppa.deb\n Size/MD5 checksum: 3061206 9ef449c857ec8a57c505fdee26b7a936\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-hppa/kernel-image-2.4.18-64-smp_62.3_hppa.deb\n Size/MD5 checksum: 3199070 e59926283c57ef868881e6cc1e501e6b\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-14T00:00:00", "published": "2004-04-14T00:00:00", "id": "DEBIAN:DSA-480-1:43C7F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00078.html", "title": "[SECURITY] [DSA 480-1] New Linux 2.4.17 and 2.4.18 packages fix local root exploit (hppa)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:21:44", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 495-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 26th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-source-2.4.16 kernel-patch-2.4.16-arm kernel-image-2.4.16-lart kernel-image-2.4.16-netwinder kernel-image-2.4.16-riscpc\nVulnerability : several vulnerabilities\nProblem-Type : local\nDebian-specific: no\nCVE ID : CAN-2003-0127 CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\nBugtraq ID : 10152\n\nSeveral serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.16 for the ARM architecture. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems that will be fixed with this update:\n\nCAN-2003-0127\n\n The kernel module loader allows local users to gain root\n privileges by using ptrace to attach to a child process that is\n spawned by the kernel\n\nCAN-2004-0003\n\n A vulnerability has been discovered in the R128 drive in the Linux\n kernel which could potentially lead an attacker to gain\n unauthorised privileges. Alan Cox and Thomas Biege developed a\n correction for this\n\nCAN-2004-0010\n\n Arjan van de Ven discovered a stack-based buffer overflow in the\n ncp_lookup function for ncpfs in the Linux kernel, which could\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\n developed a correction for this.\n\nCAN-2004-0109\n\n zen-parse discovered a buffer overflow vulnerability in the\n ISO9660 filesystem component of Linux kernel which could be abused\n by an attacker to gain unauthorised root access. Sebastian\n Krahmer and Ernie Petrides developed a correction for this.\n\nCAN-2004-0177\n\n Solar Designer discovered an information leak in the ext3 code of\n Linux. In a worst case a local attacker could obtain sensitive\n information (such as cryptographic keys in another worst case)\n which would otherwise never hit disk media. Theodore Ts'o\n developed a correction for this.\n\nCAN-2004-0178\n\n Andreas Kies discovered a denial of service condition in the Sound\n Blaster driver in Linux. He also developed a correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\nArchitecture stable (woody) unstable (sid)\nsource 2.4.16-1woody2 2.4.25-3\narm/patch 20040419 20040316\narm/lart 20040419 2.4.25-4\narm/netwinder 20040419 2.4.25-4\narm/riscpc 20040419 2.4.25-4\n\nWe recommend that you upgrade your kernel packages immediately, either\nwith a Debian provided kernel or with a self compiled one.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody2.dsc\n Size/MD5 checksum: 680 a1ea1561bea3bfeb7b4759a77984b8bf\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody2.diff.gz\n Size/MD5 checksum: 22668 16b2b377f1e557d40d3a80db9cb8ad54\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16.orig.tar.gz\n Size/MD5 checksum: 29364642 8e42e72848dc5098b6433d66d5cacffc\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.16-arm/kernel-patch-2.4.16-arm_20040419.dsc\n Size/MD5 checksum: 562 c63fd9d71828e954548b556d5e125240\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.16-arm/kernel-patch-2.4.16-arm_20040419.tar.gz\n Size/MD5 checksum: 578921 77cd43dd95b087612e8c7cb3234317f7\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419.dsc\n Size/MD5 checksum: 586 f8e8f67e3f7d83372c837207651faab0\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419.tar.gz\n Size/MD5 checksum: 16487 3f60ce2e0b02188b8329f3b6c2e55058\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419.dsc\n Size/MD5 checksum: 624 65fe313bb761c5bbd9ae635a74dd91c6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419.tar.gz\n Size/MD5 checksum: 21816 18e2386e66448e393060422f62e8e6ca\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419.dsc\n Size/MD5 checksum: 592 ec5c07d4e0e680b977cf75b638718367\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419.tar.gz\n Size/MD5 checksum: 19142 e72a1ed0b5acd3daa71f2b9e61b1deb4\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-doc-2.4.16_2.4.16-1woody2_all.deb\n Size/MD5 checksum: 1715626 bc7aec1ea3e2fda01fd6d2866421dbdc\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.16/kernel-source-2.4.16_2.4.16-1woody2_all.deb\n Size/MD5 checksum: 23808362 7a26ba7741038abddd79ce3cf331cd29\n\n http://security.debian.org/pool/updates/main/k/kernel-patch-2.4.16-arm/kernel-patch-2.4.16-arm_20040419_all.deb\n Size/MD5 checksum: 583052 df208765fa1a440633145a644b70b7d6\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-lart/kernel-image-2.4.16-lart_20040419_arm.deb\n Size/MD5 checksum: 717236 7eafa0d8bf0316b8474c8caf4510d333\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-headers-2.4.16_20040419_arm.deb\n Size/MD5 checksum: 3435640 9a2fbd1d8f65bfbfdac66575ed8e28d0\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-netwinder/kernel-image-2.4.16-netwinder_20040419_arm.deb\n Size/MD5 checksum: 6671270 122d99d7819f3f66485f8a77dab09f31\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.16-riscpc/kernel-image-2.4.16-riscpc_20040419_arm.deb\n Size/MD5 checksum: 2910474 20602cbdb8783b01c9b32e174cd4d4bd\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-04-26T00:00:00", "published": "2004-04-26T00:00:00", "id": "DEBIAN:DSA-495-1:D1996", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00095.html", "title": "[SECURITY] [DSA 495-1] New Linux 2.4.16 packages fix local root exploit (arm)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-30T02:22:57", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 358-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nJuly 31st, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : linux-kernel-i386, linux-kernel-alpha\nVulnerability : several\nProblem-Type : local, remote\nDebian-specific: no\nCVE Ids : CAN-2003-0461, CAN-2003-0462, CAN-2003-0476,\n CAN-2003-0501, CAN-2003-0550, CAN-2003-0551, CAN-2003-0552,\n CAN-2003-0018, CAN-2003-0619\n\nA number of vulnerabilities have been discovered in the Linux kernel.\n\n- - CAN-2003-0461: /proc/tty/driver/serial in Linux 2.4.x reveals the\n exact number of characters used in serial links, which could allow\n local users to obtain potentially sensitive information such as the\n length of passwords. This bug has been fixed by restricting access\n to /proc/tty/driver/serial.\n\n- - CAN-2003-0462: A race condition in the way env_start and env_end\n pointers are initialized in the execve system call and used in\n fs/proc/base.c on Linux 2.4 allows local users to cause a denial of\n service (crash).\n\n- - CAN-2003-0476: The execve system call in Linux 2.4.x records the\n file descriptor of the executable process in the file table of the\n calling process, which allows local users to gain read access to\n restricted file descriptors.\n\n- - CAN-2003-0501: The /proc filesystem in Linux allows local users to\n obtain sensitive information by opening various entries in\n /proc/self before executing a setuid program, which causes the\n program to fail to change the ownership and permissions of those\n entries.\n\n- - CAN-2003-0550: The STP protocol, as enabled in Linux 2.4.x, does not\n provide sufficient security by design, which allows attackers to\n modify the bridge topology. This bug has been fixed by disabling\n STP by default.\n\n- - CAN-2003-0551: The STP protocol, as enabled in Linux 2.4.x, does not\n provide sufficient security by design, which allows attackers to\n modify the bridge topology.\n\n- - CAN-2003-0552: Linux 2.4.x allows remote attackers to spoof the\n bridge forwarding table via forged packets whose source addresses\n are the same as the target.\n\n- - CAN-2003-0018: Linux kernel 2.4.10 through 2.4.21-pre4 does not\n properly handle the O_DIRECT feature, which allows local attackers\n with write privileges to read portions of previously deleted files,\n or cause file system corruption. This bug has been fixed by\n disabling O_DIRECT.\n\n- - CAN-2003-0619: Integer signedness error in the decode_fh function of\n nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to\n cause a denial of service (kernel panic) via a negative size value\n within XDR data of an NFSv3 procedure call.\n\nThis advisory covers only the i386 and alpha architectures. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-11,\nkernel-image-2.4.18-1-i386 version 2.4.18-9, and\nkernel-image-2.4.18-i386bf version 2.4.18-5woody2.\n\nFor the stable distribution (woody) on the alpha architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-11 and\nkernel-image-2.4.18-1-alpha version 2.4.18-8.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.4.20 version 2.4.20-9.\n\nWe recommend that you update your kernel packages.\n\nIf you are using the kernel installed by the installation system when\nthe "bf24" option is selected (for a 2.4.x kernel), you should install\nthe kernel-image-2.4.18-bf2.4 package. If you installed a different\nkernel-image package after installation, you should install the\ncorresponding 2.4.18-1 kernel. You may use the table below as a\nguide.\n\n| If "uname -r" shows: | Install this package:\n- ------------------------------------------------------\n| 2.4.18-bf2.4 | kernel-image-2.4.18-bf2.4\n| 2.4.18-386 | kernel-image-2.4.18-1-386\n| 2.4.18-586tsc | kernel-image-2.4.18-1-586tsc\n| 2.4.18-686 | kernel-image-2.4.18-1-686\n| 2.4.18-686-smp | kernel-image-2.4.18-1-686-smp\n| 2.4.18-k6 | kernel-image-2.4.18-1-k6\n| 2.4.18-k7 | kernel-image-2.4.18-1-k7\n\nNOTE: that this kernel is binary compatible with the previous kernel\nsecurity update, but not binary compatible with the corresponding\nkernel included in Debian 3.0r1. If you have not already applied the\nprevious security update (kernel-image-2.4.18-bf2.4 version\n2.4.18-5woody1 or any of the 2.4.18-1-* kernels), then any custom\nmodules will need to be rebuilt in order to work with the new kernel.\nNew PCMCIA modules are provided for all of the above kernels.\n\nNOTE: A system reboot will be required immediately after the upgrade\nin order to replace the running kernel. Remember to read carefully\nand follow the instructions given during the kernel upgrade process.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-9.dsc\n Size/MD5 checksum: 1323 a52f99a769d129819d6c8ada3c5045c6\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-9.tar.gz\n Size/MD5 checksum: 69606 e21b5ef20e4c7af4e455933df9ee4166\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody2.dsc\n Size/MD5 checksum: 654 ca1be1a797c9e30e263374955dd77b0f\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody2.tar.gz\n Size/MD5 checksum: 25822 602dd83e5607dd6b6ee5cf86e16790e5\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-8.dsc\n Size/MD5 checksum: 872 fcc88e846f61f02cf4fa27edf702a4db\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-8.tar.gz\n Size/MD5 checksum: 24061 beeb0146a914281de11f7439179956c0\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-11.dsc\n Size/MD5 checksum: 798 cf43f98322e7a024b16e06dc1f0f83eb\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-11.diff.gz\n Size/MD5 checksum: 66571 b19259c1b01f075a457b58610ee3f8b8\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz\n Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-9_i386.deb\n Size/MD5 checksum: 3397958 767768d092247730a5506c97f4f6c6c7\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-9_i386.deb\n Size/MD5 checksum: 3487150 3c296013374ffefcbdb0de781c6fd5ce\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-9_i386.deb\n Size/MD5 checksum: 3487900 7b262d0e0204b184aaaf1e13f7702907\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-9_i386.deb\n Size/MD5 checksum: 3488158 f51ebc4199c4813bd48ea0992acd6f93\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-9_i386.deb\n Size/MD5 checksum: 3489144 352f0331aaa6deb1775228535f88f282\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-9_i386.deb\n Size/MD5 checksum: 3487710 ea9a4d1feb084a5c696137b6bd34462e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-9_i386.deb\n Size/MD5 checksum: 3487954 21e564dd78bedb789815bd52194d3ff4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-9_i386.deb\n Size/MD5 checksum: 8797484 bbcf9f3824f23ec474ac7759fb854cc3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-9_i386.deb\n Size/MD5 checksum: 8704368 290e78d252a322a787c561e03b23cc15\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-9_i386.deb\n Size/MD5 checksum: 8702946 4087ed6ff51dd349071dff3eeee77b15\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-9_i386.deb\n Size/MD5 checksum: 8959820 77d9fc68ae40ee66ee08227adfd2a68d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-9_i386.deb\n Size/MD5 checksum: 8661146 3c50481605daabde929aad5340fa9178\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-9_i386.deb\n Size/MD5 checksum: 8862884 2ad9fef313514a07f876eef1a6b982d8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-9_i386.deb\n Size/MD5 checksum: 228132 83b331acd31e5fc0de4b8da9fa9cf8e3\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-9_i386.deb\n Size/MD5 checksum: 227688 6b66326ceae1d564ea51bbeeb7e3d919\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-9_i386.deb\n Size/MD5 checksum: 227144 fde12cbb05c113ae7dd3ffd4e2c552ff\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-9_i386.deb\n Size/MD5 checksum: 230818 db88f6cb1cf65c7435e6392e8bc3504d\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-9_i386.deb\n Size/MD5 checksum: 226792 72bfd4693f7bfaa939f7896258de33da\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-9_i386.deb\n Size/MD5 checksum: 230044 b27f6542766c03879409bba79bb716a8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody2_i386.deb\n Size/MD5 checksum: 3395196 a992ad938bd5cbeabfc22a59871965c4\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody2_i386.deb\n Size/MD5 checksum: 6424624 3c1918455da20eb109cf016bead1fbd2\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-8_alpha.deb\n Size/MD5 checksum: 3333278 8477964689288e4b74a26ee7250eb2b8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-8_alpha.deb\n Size/MD5 checksum: 3474414 af8fce811647795e67f54f44b2721e71\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-8_alpha.deb\n Size/MD5 checksum: 3476688 e7f09e05a0b5522c662e745e43fd6724\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-8_alpha.deb\n Size/MD5 checksum: 12425942 e95bbf7ede7553c6e514b8b153aa2e27\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-8_alpha.deb\n Size/MD5 checksum: 12799024 fbbbfb33c90c0816b01dba537e85df5e\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-11_all.deb\n Size/MD5 checksum: 1710260 16dd8f969b5a174083966d806226f27c\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-11_all.deb\n Size/MD5 checksum: 23886666 2bb0bcc7083d69962ac9875541b15d06\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "modified": "2003-07-31T00:00:00", "published": "2003-07-31T00:00:00", "id": "DEBIAN:DSA-358-1:BF347", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00155.html", "title": "[SECURITY] [DSA-358-1] New kernel source and i386, alpha kernel images fix multiple vulnerabilities", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-30T02:22:23", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 423-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 15th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kernel-image-2.4.17-ia64\nVulnerability : several\nProblem-Type : local, remote\nDebian-specific: no\nCVE IDs : CAN-2003-0001 CAN-2003-0018 CAN-2003-0127 CAN-2003-0461 CAN-2003-0462 CAN-2003-0476 CAN-2003-0501 CAN-2003-0550 CAN-2003-0551 CAN-2003-0552 CAN-2003-0961 CAN-2003-0985\n\nThe IA-64 maintainers fixed several security related bugs in the Linux\nkernel 2.4.17 used for the IA-64 architecture, mostly by backporting\nfixes from 2.4.18. The corrections are listed below with the\nidentification from the Common Vulnerabilities and Exposures (CVE)\nproject:\n\nCAN-2003-0001:\n\n Multiple ethernet network interface card (NIC) device drivers do\n not pad frames with null bytes, which allows remote attackers to\n obtain information from previous packets or kernel memory by using\n malformed packets, as demonstrated by Etherleak.\n\nCAN-2003-0018:\n\n Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle\n the O_DIRECT feature, which allows local attackers with write\n privileges to read portions of previously deleted files, or cause\n file system corruption.\n\nCAN-2003-0127:\n\n The kernel module loader in Linux kernel 2.2.x before 2.2.25, and\n 2.4.x before 2.4.21, allows local users to gain root privileges\n by using ptrace to attach to a child process which is spawned by\n the kernel.\n\nCAN-2003-0461:\n\n The virtual file /proc/tty/driver/serial in Linux 2.4.x reveals\n the exact number of characters used in serial links, which could\n allow local users to obtain potentially sensitive information such\n as the length of passwords.\n\nCAN-2003-0462:\n\n A race condition in the way env_start and env_end pointers are\n initialized in the execve system call and used in fs/proc/base.c\n on Linux 2.4 allows local users to cause a denial of service\n (crash).\n\nCAN-2003-0476:\n\n The execve system call in Linux 2.4.x records the file descriptor\n of the executable process in the file table of the calling\n process, which allows local users to gain read access to\n restricted file descriptors.\n\nCAN-2003-0501:\n\n The /proc filesystem in Linux allows local users to obtain\n sensitive information by opening various entries in /proc/self\n before executing a setuid program, which causes the program to\n fail to change the ownership and permissions of those entries.\n\nCAN-2003-0550:\n\n The STP protocol, as enabled in Linux 2.4.x, does not provide\n sufficient security by design, which allows attackers to modify\n the bridge topology.\n\nCAN-2003-0551:\n\n The STP protocol implementation in Linux 2.4.x does not properly\n verify certain lengths, which could allow attackers to cause a\n denial of service.\n\nCAN-2003-0552:\n\n Linux 2.4.x allows remote attackers to spoof the bridge Forwarding\n table via forged packets whose source addresses are the same as\n the target.\n\nCAN-2003-0961:\n\n An integer overflow in brk system call (do_brk function) for Linux\n kernel 2.4.22 and earlier allows local users to gain root\n privileges.\n\nCAN-2003-0985:\n\n The mremap system call (do_mremap) in Linux kernel 2.4 and 2.6\n does not properly perform boundary checks, which allows local\n users to cause a denial of service and possibly gain privileges by\n causing a remapping of a virtual memory area (VMA) to create a\n zero length VMA.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion kernel-image-2.4.17-ia64 for the ia64 architecture. Other\narchitectures are already or will be fixed separately.\n\nFor the unstable distribution (sid) this problem will be fixed soon\nwith newly uploaded packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.15.dsc\n Size/MD5 checksum: 736 cfd30b9d49a8e701ce13760cf619c3e8\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.15.tar.gz\n Size/MD5 checksum: 25403798 8c2cfd213fd07b06cc11e69201d15679\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-source-2.4.17-ia64_011226.15_all.deb\n Size/MD5 checksum: 24731332 d2a7dea12be6f7ca4a1a71a4ca7630f5\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-headers-2.4.17-ia64_011226.15_ia64.deb\n Size/MD5 checksum: 3636070 eab1dfc65ae7fc48566921d5bffdb78e\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium_011226.15_ia64.deb\n Size/MD5 checksum: 7022040 67192d2704da8a0b76598c7cfcff34d1\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium-smp_011226.15_ia64.deb\n Size/MD5 checksum: 7169484 d586b39c26904208de614ca51714b4c9\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley_011226.15_ia64.deb\n Size/MD5 checksum: 7012458 11849128d636125bdf83fd3959c6a6cf\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley-smp_011226.15_ia64.deb\n Size/MD5 checksum: 7163498 87b87cfbaccbe8e95c8df4e3fe00acee\n\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2004-01-15T00:00:00", "published": "2004-01-15T00:00:00", "id": "DEBIAN:DSA-423-1:85DBD", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00018.html", "title": "[SECURITY] [DSA 423-1] New Linux 2.4.17 packages fix several problems (ia64)", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:50:19", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-source-2.4.17 kernel-patch-2.4.17-mips\nannounced via advisory DSA 489-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53183", "id": "OPENVAS:53183", "title": "Debian Security Advisory DSA 489-1 (kernel-source-2.4.17 kernel-patch-2.4.17-mips)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_489_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 489-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the PowerPC/apus and S/390\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update:\n\nCVE-2004-0003\n\nA vulnerability has been discovered in the R128 drive in the Linux\nkernel which could potentially lead an attacker to gain\nunauthorised privileges. Alan Cox and Thomas Biege developed a\ncorrection for this\n\nCVE-2004-0010\n\nArjan van de Ven discovered a stack-based buffer overflow in the\nncp_lookup function for ncpfs in the Linux kernel, which could\nlead an attacker to gain unauthorised privileges. Petr Vandrovec\ndeveloped a correction for this.\n\nCVE-2004-0109\n\nzen-parse discovered a buffer overflow vulnerability in the\nISO9660 filesystem component of Linux kernel which could be abused\nby an attacker to gain unauthorised root access. Sebastian\nKrahmer and Ernie Petrides developed a correction for this.\n\nCVE-2004-0177\n\nSolar Designer discovered an information leak in the ext3 code of\nLinux. In a worst case an attacker could read sensitive data such\nas cryptographic keys which would otherwise never hit disk media.\nTheodore Ts'o developed a correction for this.\n\nCVE-2004-0178\n\nAndreas Kies discovered a denial of service condition in the Sound\nBlaster driver in Linux. He also developed a correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and future\nversions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\nArchitecture stable (woody) unstable (sid) remove in sid\nsource 2.4.17-1woody3 2.4.25-3 2.4.19-11\nmips 2.4.17-0.020226.2.woody6 fixed soon 2.4.19-0.020911.8\nmipsel 2.4.17-0.020226.2.woody6 2.4.25-0.040415.1 2.4.19-0.020911.9\n\nWe recommend that you upgrade your kernel packages immediately, either\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.17 kernel-patch-2.4.17-mips\nannounced via advisory DSA 489-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20489-1\";\n\nif(description)\n{\n script_id(53183);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 489-1 (kernel-source-2.4.17 kernel-patch-2.4.17-mips)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.17\", ver:\"2.4.17-1woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.17\", ver:\"2.4.17-1woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.17-mips\", ver:\"2.4.17-0.020226.2.woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17\", ver:\"2.4.17-0.020226.2.woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r4k-ip22\", ver:\"2.4.17-0.020226.2.woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r5k-ip22\", ver:\"2.4.17-0.020226.2.woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r3k-kn02\", ver:\"2.4.17-0.020226.2.woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-r4k-kn04\", ver:\"2.4.17-0.020226.2.woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mips-tools\", ver:\"2.4.17-0.020226.2.woody6\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:55", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-source-2.4.17 kernel-patch-2.4.17-apus kernel-patch-2.4.17-s390 kernel-image-2.4.17-s390\nannounced via advisory DSA 482-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53685", "id": "OPENVAS:53685", "title": "Debian Security Advisory DSA 482-1 (kernel)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_482_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 482-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the PowerPC/apus and S/390\narchitectures.\n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed.\n\nArchitecture stable (woody) unstable (sid)\nsource 2.4.17-1woody3 2.4.25-3\npowerpc/apus 2.4.17-5 2.4.25-2\ns390 2.4.17-2.woody.4 2.4.25-2 (and probably 2.4.21-3)\n\nWe recommend that you upgrade your kernel packages immediately.\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.17 kernel-patch-2.4.17-apus kernel-patch-2.4.17-s390 kernel-image-2.4.17-s390\nannounced via advisory DSA 482-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20482-1\";\n\nif(description)\n{\n script_id(53685);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 482-1 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.17\", ver:\"2.4.17-1woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.17\", ver:\"2.4.17-1woody3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.17-s390\", ver:\"0.0.20020816-0.woody.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17-apus\", ver:\"2.4.17-5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-apus\", ver:\"2.4.17-5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-apus\", ver:\"2.4.17-5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.17-apus\", ver:\"2.4.17-5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17\", ver:\"2.4.17-2.woody.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-s390\", ver:\"2.4.17-2.woody.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:55", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-source-2.4.19 kernel-patch-2.4.19-mips\nannounced via advisory DSA 491-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53178", "id": "OPENVAS:53178", "title": "Debian Security Advisory DSA 491-1 (kernel-source-2.4.19 kernel-patch-2.4.19-mips)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_491_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 491-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the MIPS architecture. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems that will be fixed with this update:\n\nCVE-2004-0003\n\nA vulnerability has been discovered in the R128 drive in the Linux\nkernel which could potentially lead an attacker to gain\nunauthorised privileges. Alan Cox and Thomas Biege developed a\ncorrection for this\n\nCVE-2004-0010\n\nArjan van de Ven discovered a stack-based buffer overflow in the\nncp_lookup function for ncpfs in the Linux kernel, which could\nlead an attacker to gain unauthorised privileges. Petr Vandrovec\ndeveloped a correction for this.\n\nCVE-2004-0109\n\nzen-parse discovered a buffer overflow vulnerability in the\nISO9660 filesystem component of Linux kernel which could be abused\nby an attacker to gain unauthorised root access. Sebastian\nKrahmer and Ernie Petrides developed a correction for this.\n\nCVE-2004-0177\n\nSolar Designer discovered an information leak in the ext3 code of\nLinux. In a worst case an attacker could read sensitive data such\nas cryptographic keys which would otherwise never hit disk media.\nTheodore Ts'o developed a correction for this.\n\nCVE-2004-0178\n\nAndreas Kies discovered a denial of service condition in the Sound\nBlaster driver in Linux. He also developed a correction for this.\n\nThese problems are also fixed by upstream in Linux 2.4.26 and future\nversions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\nArchitecture stable (woody) unstable (sid) remove in sid\nsource 2.4.19-4.woody2 2.4.25-3 2.4.19-11\nmips 2.4.19-0.020911.1.woody4 2.4.25-0.040415.1 2.4.19-0.020911.8\nh\nWe recommend that you upgrade your kernel packages immediately, either\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.19 kernel-patch-2.4.19-mips\nannounced via advisory DSA 491-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20491-1\";\n\nif(description)\n{\n script_id(53178);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 491-1 (kernel-source-2.4.19 kernel-patch-2.4.19-mips)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.19\", ver:\"2.4.19-4.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.19\", ver:\"2.4.19-4.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.19-mips\", ver:\"2.4.19-0.020911.1.woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.19\", ver:\"2.4.19-0.020911.1.woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.19-r4k-ip22\", ver:\"2.4.19-0.020911.1.woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.19-r5k-ip22\", ver:\"2.4.19-0.020911.1.woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mips-tools\", ver:\"2.4.19-0.020911.1.woody4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:20", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-image-2.4.18-1-i386\nannounced via advisory DSA 479-2.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53176", "id": "OPENVAS:53176", "title": "Debian Security Advisory DSA 479-2 (kernel-image-2.4.18-1-i386)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_479_2.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 479-2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.18 for the i386 architecture.\nThis advisory replaces the i386 part of DSA 479-1 (except for the\ni386bf part). An unfortunate build error caused some of the kernel\npackages in DSA 479-1 to be broken. They are updated with this\nadvisory. For completeness below is the original advisory text:\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems that will be fixed with this update:\n\nCVE-2004-0003\n\nA vulnerability has been discovered in the R128 drive in the Linux\nkernel which could potentially lead an attacker to gain\nunauthorised privileges. Alan Cox and Thomas Biege developed a\ncorrection for this\n\nCVE-2004-0010\n\nArjan van de Ven discovered a stack-based buffer overflow in the\nncp_lookup function for ncpfs in the Linux kernel, which could\nlead an attacker to gain unauthorised privileges. Petr Vandrovec\ndeveloped a correction for this.\n\nCVE-2004-0109\n\nzen-parse discovered a buffer overflow vulnerability in the\nISO9660 filesystem component of Linux kernel which could be abused\nby an attacker to gain unauthorised root access. Sebastian\nKrahmer and Ernie Petrides developed a correction for this.\n\nCVE-2004-0177\n\nSolar Designer discovered an information leak in the ext3 code of\nLinux. In a worst case an attacker could read sensitive data such\nas cryptographic keys which would otherwise never hit disk media.\nTheodore Ts'o developed a correction for this.\n\nCVE-2004-0178\n\nAndreas Kies discovered a denial of service condition in the Sound\nBlaster driver in Linux. He also developed a correction.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitecture are already fixed. Kernel images in the unstable Debian\ndistribution (sid) will be fixed soon.\n\nArchitecture stable (woody) unstable (sid) removed in sid\nsource 2.4.18-14.3 2.4.25-3 --\nalpha 2.4.18-15 soon --\ni386 2.4.18-13.1 soon --\ni386bf 2.4.18-5woody8 soon --\npowerpc 2.4.18-1woody5 2.4.25-8 2.4.22\n\nWe recommend that you upgrade your kernel packages immediately, either\";\ntag_summary = \"The remote host is missing an update to kernel-image-2.4.18-1-i386\nannounced via advisory DSA 479-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20479-2\";\n\nif(description)\n{\n script_id(53176);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 479-2 (kernel-image-2.4.18-1-i386)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-386\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-586tsc\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686-smp\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k6\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k7\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-386\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-586tsc\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686-smp\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k6\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k7\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-386\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k6\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k7\", ver:\"2.4.18-13.1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:45", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-image-2.4.17-hppa kernel-image-2.4.18-hppa\nannounced via advisory DSA 480-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53683", "id": "OPENVAS:53683", "title": "Debian Security Advisory DSA 480-1 (kernel-image-2.4.17-hppa kernel-image-2.4.18-hppa)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_480_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 480-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 and 2.4.18 for the hppa\n(PA-RISC) architecture. The Common Vulnerabilities and Exposures\nproject identifies the following problems that will be fixed with this\nupdate:\n\nCVE-2004-0003\n\nA vulnerability has been discovered in the R128 drive in the Linux\nkernel which could potentially lead an attacker to gain\nunauthorised privileges. Alan Cox and Thomas Biege developed a\ncorrection for this\n\nCVE-2004-0010\n\nArjan van de Ven discovered a stack-based buffer overflow in the\nncp_lookup function for ncpfs in the Linux kernel, which could\nlead an attacker to gain unauthorised privileges. Petr Vandrovec\ndeveloped a correction for this.\n\nCVE-2004-0109\n\nzen-parse discovered a buffer overflow vulnerability in the\nISO9660 filesystem component of Linux kernel which could be abused\nby an attacker to gain unauthorised root access. Sebastian\nKrahmer and Ernie Petrides developed a correction for this.\n\nCVE-2004-0177\n\nSolar Designer discovered an information leak in the ext3 code of\nLinux. In a worst case an attacker could read sensitive data such\nas cryptographic keys which would otherwise never hit disk media.\nTheodore Ts'o developed a correction for this.\n\nCVE-2004-0178\n\nAndreas Kies discovered a denial of service condition in the Sound\nBlaster driver in Linux. He also developed a correction for this.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 32.4 for Linux 2.4.17 and in version 62.3 for Linux 2.4.18.\n\nFor the unstable distribution (sid) these problems will be fixed soon.\n\nWe recommend that you upgrade your kernel packages immediately, either\";\ntag_summary = \"The remote host is missing an update to kernel-image-2.4.17-hppa kernel-image-2.4.18-hppa\nannounced via advisory DSA 480-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20480-1\";\n\nif(description)\n{\n script_id(53683);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 480-1 (kernel-image-2.4.17-hppa kernel-image-2.4.18-hppa)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.17-hppa\", ver:\"32.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.18-hppa\", ver:\"62.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17-hppa\", ver:\"32.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-32\", ver:\"32.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-32-smp\", ver:\"32.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-64\", ver:\"32.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-64-smp\", ver:\"32.4\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-hppa\", ver:\"62.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-32\", ver:\"62.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-32-smp\", ver:\"62.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-64\", ver:\"62.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-64-smp\", ver:\"62.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:47", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-source-2.4.18,\nkernel-image-2.4.18-1-alpha, kernel-image-2.4.18-1-i386,\nkernel-image-2.4.18-i386bf, kernel-patch-2.4.18-powerpc\nannounced via advisory DSA 479-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53682", "id": "OPENVAS:53682", "title": "Debian Security Advisory DSA 479-1 (kernel)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_479_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 479-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.18 for the alpha, i386 and powerpc\narchitectures. The Common Vulnerabilities and Exposures project\nidentifies the following problems that will be fixed with this update:\n\nCVE-2004-0003\n\nA vulnerability has been discovered in the R128 drive in the Linux\nkernel which could potentially lead an attacker to gain\nunauthorised privileges. Alan Cox and Thomas Biege developed a\ncorrection for this\n\nCVE-2004-0010\n\nArjan van de Ven discovered a stack-based buffer overflow in the\nncp_lookup function for ncpfs in the Linux kernel, which could\nlead an attacker to gain unauthorised privileges. Petr Vandrovec\ndeveloped a correction for this.\n\nCVE-2004-0109\n\nzen-parse discovered a buffer overflow vulnerability in the\nISO9660 filesystem component of Linux kernel which could be abused\nby an attacker to gain unauthorised root access. Sebastian\nKrahmer and Ernie Petrides developed a correction for this.\n\nCVE-2004-0177\n\nSolar Designer discovered an information leak in the ext3 code of\nLinux. In a worst case an attacker could read sensitive data such\nas cryptographic keys which would otherwise never hit disk media.\nTheodore Ts'o developed a correction for this.\n\nCVE-2004-0178\n\nAndreas Kies discovered a denial of service condition in the Sound\nBlaster driver in Linux. He also developed a correction.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nThe following security matrix explains which kernel versions for which\narchitecture are already fixed. Kernel images in the unstable Debian\ndistribution (sid) will be fixed soon.\n\nArchitecture stable (woody) unstable (sid) removed in sid\nsource 2.4.18-14.3 2.4.25-3 --\nalpha 2.4.18-15 soon --\ni386 2.4.18-13 soon --\ni386bf 2.4.18-5woody8 soon --\npowerpc 2.4.18-1woody5 2.4.25-8 2.4.22\n\nWe recommend that you upgrade your kernel packages immediately, either\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.18,\nkernel-image-2.4.18-1-alpha, kernel-image-2.4.18-1-i386,\nkernel-image-2.4.18-i386bf, kernel-patch-2.4.18-powerpc\nannounced via advisory DSA 479-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20479-1\";\n\nif(description)\n{\n script_id(53682);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 479-1 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.18\", ver:\"2.4.18-14.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.18\", ver:\"2.4.18-14.3\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.18-powerpc\", ver:\"2.4.18-1woody5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-generic\", ver:\"2.4.18-15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-smp\", ver:\"2.4.18-15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-generic\", ver:\"2.4.18-15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-smp\", ver:\"2.4.18-15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-386\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-586tsc\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686-smp\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k6\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k7\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-386\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-586tsc\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686-smp\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k6\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k7\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-386\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k6\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k7\", ver:\"2.4.18-13\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-bf2.4\", ver:\"2.4.18-5woody8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-bf2.4\", ver:\"2.4.18-5woody8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18\", ver:\"2.4.18-1woody5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-newpmac\", ver:\"2.4.18-1woody5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-powerpc\", ver:\"2.4.18-1woody5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-powerpc-smp\", ver:\"2.4.18-1woody5\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:21", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-image-2.4.17-ia64\nannounced via advisory DSA 481-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53684", "id": "OPENVAS:53684", "title": "Debian Security Advisory DSA 481-1 (kernel-image-2.4.17-ia64)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_481_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 481-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several serious problems have been discovered in the Linux kernel.\nThis update takes care of Linux 2.4.17 for the IA-64 architecture.\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems that will be fixed with this update:\n\nCVE-2004-0003\n\nA vulnerability has been discovered in the R128 drive in the Linux\nkernel which could potentially lead an attacker to gain\nunauthorised privileges. Alan Cox and Thomas Biege developed a\ncorrection for this\n\nCVE-2004-0010\n\nArjan van de Ven discovered a stack-based buffer overflow in the\nncp_lookup function for ncpfs in the Linux kernel, which could\nlead an attacker to gain unauthorised privileges. Petr Vandrovec\ndeveloped a correction for this.\n\nCVE-2004-0109\n\nzen-parse discovered a buffer overflow vulnerability in the\nISO9660 filesystem component of Linux kernel which could be abused\nby an attacker to gain unauthorised root access. Sebastian\nKrahmer and Ernie Petrides developed a correction for this.\n\nCVE-2004-0177\n\nSolar Designer discovered an information leak in the ext3 code of\nLinux. In a worst case an attacker could read sensitive data such\nas cryptographic keys which would otherwise never hit disk media.\nTheodore Ts'o developed a correction for this.\n\nCVE-2004-0178\n\nAndreas Kies discovered a denial of service condition in the Sound\nBlaster driver in Linux. He also developed a correction for this.\n\nThese problems will also be fixed by upstream in Linux 2.4.26 and\nfuture versions of 2.6.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 011226.17 for Linux 2.4.17.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 2.4.25-5 for Linux 2.4.25 and in version 2.6.5-1 for Linux\n2.6.5.\n\nWe recommend that you upgrade your kernel packages immediately, either\";\ntag_summary = \"The remote host is missing an update to kernel-image-2.4.17-ia64\nannounced via advisory DSA 481-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20481-1\";\n\nif(description)\n{\n script_id(53684);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 481-1 (kernel-image-2.4.17-ia64)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.17-ia64\", ver:\"011226.17\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17-ia64\", ver:\"011226.17\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-itanium\", ver:\"011226.17\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-itanium-smp\", ver:\"011226.17\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-mckinley\", ver:\"011226.17\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-mckinley-smp\", ver:\"011226.17\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:49", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-source-2.4.16 kernel-patch-2.4.16-arm kernel-image-2.4.16-lart kernel-image-2.4.16-netwinder kernel-image-2.4.16-riscpc\nannounced via advisory DSA 495-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53708", "id": "OPENVAS:53708", "title": "Debian Security Advisory DSA 495-1 (kernel)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_495_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 495-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"These problems are also fixed by upstream in Linux 2.4.26 and will be\nfixed in Linux 2.6.6.\n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nThe following security matrix explains which kernel versions for which\narchitectures are already fixed and which will be removed instead.\n\nArchitecture stable (woody) unstable (sid)\nsource 2.4.16-1woody2 2.4.25-3\narm/patch 20040419 20040316\narm/lart 20040419 2.4.25-4\narm/netwinder 20040419 2.4.25-4\narm/riscpc 20040419 2.4.25-4\n\nWe recommend that you upgrade your kernel packages immediately.\";\ntag_summary = \"The remote host is missing an update to kernel-source-2.4.16 kernel-patch-2.4.16-arm kernel-image-2.4.16-lart kernel-image-2.4.16-netwinder kernel-image-2.4.16-riscpc\nannounced via advisory DSA 495-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20495-1\";\n\nif(description)\n{\n script_id(53708);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0127\", \"CVE-2004-0003\", \"CVE-2004-0010\", \"CVE-2004-0109\", \"CVE-2004-0177\", \"CVE-2004-0178\");\n script_bugtraq_id(10152);\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 495-1 (kernel)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.16\", ver:\"2.4.16-1woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.16\", ver:\"2.4.16-1woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-patch-2.4.16-arm\", ver:\"20040419\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.16-lart\", ver:\"20040419\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.16\", ver:\"20040419\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.16-netwinder\", ver:\"20040419\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.16-riscpc\", ver:\"20040419\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:04", "bulletinFamily": "scanner", "description": "The remote host is missing an update to linux-kernel-i386, linux-kernel-alpha\nannounced via advisory DSA 358-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53647", "id": "OPENVAS:53647", "title": "Debian Security Advisory DSA 358-1 (linux-kernel-i386, linux-kernel-alpha)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_358_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 358-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A number of vulnerabilities have been discovered in the Linux kernel.\n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nThis advisory covers only the i386 and alpha architectures. Other\narchitectures will be covered by separate advisories.\n\nFor the stable distribution (woody) on the i386 architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-11,\nkernel-image-2.4.18-1-i386 version 2.4.18-9, and\nkernel-image-2.4.18-i386bf version 2.4.18-5woody2.\n\nFor the stable distribution (woody) on the alpha architecture, these\nproblems have been fixed in kernel-source-2.4.18 version 2.4.18-11 and\nkernel-image-2.4.18-1-alpha version 2.4.18-8.\n\nFor the unstable distribution (sid) these problems are fixed in\nkernel-source-2.4.20 version 2.4.20-9.\n\nWe recommend that you update your kernel packages.\";\ntag_summary = \"The remote host is missing an update to linux-kernel-i386, linux-kernel-alpha\nannounced via advisory DSA 358-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20358-1\";\n\nif(description)\n{\n script_id(53647);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0461\", \"CVE-2003-0462\", \"CVE-2003-0476\", \"CVE-2003-0501\", \"CVE-2003-0550\", \"CVE-2003-0551\", \"CVE-2003-0552\", \"CVE-2003-0018\", \"CVE-2003-0619\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 358-1 (linux-kernel-i386, linux-kernel-alpha)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-386\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-586tsc\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-686-smp\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k6\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-k7\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-386\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-586tsc\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-686-smp\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k6\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-k7\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-386\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-586tsc\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-686-smp\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k6\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-pcmcia-modules-2.4.18-1-k7\", ver:\"2.4.18-9\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-bf2.4\", ver:\"2.4.18-5woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-bf2.4\", ver:\"2.4.18-5woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-generic\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.18-1-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-generic\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.18-1-smp\", ver:\"2.4.18-8\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-doc-2.4.18\", ver:\"2.4.18-11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.18\", ver:\"2.4.18-11\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:44", "bulletinFamily": "scanner", "description": "The remote host is missing an update to kernel-image-2.4.17-ia64\nannounced via advisory DSA 423-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=53122", "id": "OPENVAS:53122", "title": "Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_423_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 423-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The IA-64 maintainers fixed several security related bugs in the Linux\nkernel 2.4.17 used for the IA-64 architecture, mostly by backporting\nfixes from 2.4.18. The resolved issues are identified by the appropriate\nCVE identifiers:\n\nCVE-2003-0001, CVE-2003-0018, CVE-2003-0127, CVE-2003-0461\nCVE-2003-0462, CVE-2003-0476, CVE-2003-0501, CVE-2003-0550\nCVE-2003-0551, CVE-2003-0552, CVE-2003-0961, CVE-2003-0985\n\nFor a more detailed description of the problems addressed,\nplease visit the referenced security advisory.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion kernel-image-2.4.17-ia64 for the ia64 architecture. Other\narchitectures are already or will be fixed separately.\n\nFor the unstable distribution (sid) this problem will be fixed soon\nwith newly uploaded packages.\";\ntag_summary = \"The remote host is missing an update to kernel-image-2.4.17-ia64\nannounced via advisory DSA 423-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20423-1\";\n\nif(description)\n{\n script_id(53122);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0001\", \"CVE-2003-0018\", \"CVE-2003-0127\", \"CVE-2003-0461\", \"CVE-2003-0462\", \"CVE-2003-0476\", \"CVE-2003-0501\", \"CVE-2003-0550\", \"CVE-2003-0551\", \"CVE-2003-0552\", \"CVE-2003-0961\", \"CVE-2003-0985\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kernel-source-2.4.17-ia64\", ver:\"011226.15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-headers-2.4.17-ia64\", ver:\"011226.15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-itanium\", ver:\"011226.15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-itanium-smp\", ver:\"011226.15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-mckinley\", ver:\"011226.15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kernel-image-2.4.17-mckinley-smp\", ver:\"011226.15\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:42:50", "bulletinFamily": "unix", "description": "Another bug in the Kernel's do_mremap() function, which is unrelated to the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. The do_mremap() function of the Linux Kernel is used to manage Virtual Memory Areas (VMAs) which includes moving, removing and resizing of memory areas. To remove old memory areas do_mremap() uses the function du_munmap() without checking the return value. By forcing do_munmap() to return an error the memory management of a process can be tricked into moving page table entries from one VMA to another. The destination VMA may be protected by a different ACL which enables a local attacker to gain write access to previous read-only pages. The result will be local root access to the system.", "modified": "2004-02-18T22:19:53", "published": "2004-02-18T22:19:53", "id": "SUSE-SA:2004:005", "href": "http://lists.opensuse.org/opensuse-security-announce/2004-02/msg00002.html", "title": "local privilege escalation in Linux Kernel", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:49:45", "bulletinFamily": "unix", "description": "This security update fixes a serious vulnerability in the Linux kernel. A missing bounds check in the brk() system call allowed processes to request memory beyond the maximum size allowed for tasks, causing kernel memory to be mapped into the process' address space. This allowed local attackers to obtain super user privileges.", "modified": "2003-12-04T15:40:06", "published": "2003-12-04T15:40:06", "id": "SUSE-SA:2003:049", "href": "http://lists.opensuse.org/opensuse-security-announce/2003-12/msg00006.html", "title": "local root exploit in Linux Kernel", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:09", "bulletinFamily": "unix", "description": "The Linux kernel handles the basic functions of the operating system.\n\nThis kernel updates several important drivers and fixes a number of bugs\nincluding potential security vulnerabilities.\n\niDefense reported a buffer overflow flaw in the ISO9660 filesystem code.\nAn attacker could create a malicious filesystem in such a way that root\nprivileges may be obtained if the filesystem is mounted. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-0109 to this issue.\n\nA flaw in return value checking in mremap() in the Linux kernel versions\n2.4.24 and previous that may allow a local attacker to gain root\nprivileges. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.\n\nA flaw in ncp_lookup() in ncpfs could allow local privilege escalation.\nThe ncpfs module allows a system to mount volumes of NetWare servers or\nprint to NetWare printers. This is part of the kernel-unsupported package.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CAN-2004-0010 to this issue.\n\nA flaw in the R128 Direct Render Infrastructure could allow local privilege\nescalation. This driver is part of the kernel-unsupported package. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned\nthe name CAN-2004-0003 to this issue.\n\nAn overflow was found in the ixj telephony card driver in Linux kernels\nprior to 2.4.20. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2002-1574 to this issue.\n\nThe following drivers were updated:\n\nIBM Serveraid 6.11.07\nMPT fusion v. 2.05.11.03\nQlogic v. 6.07.02-RH1\n\nAll users are advised to upgrade to these errata packages, which contain\nbackported security patches that correct these issues.", "modified": "2018-03-14T19:27:37", "published": "2004-04-21T04:00:00", "id": "RHSA-2004:106", "href": "https://access.redhat.com/errata/RHSA-2004:106", "type": "redhat", "title": "(RHSA-2004:106) kernel security update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:20", "bulletinFamily": "unix", "description": "The Linux kernel handles the basic functions of the operating\nsystem.\n\nPaul Starzetz discovered a flaw in return value checking in mremap() in the\nLinux kernel versions 2.4.24 and previous that may allow a local attacker\nto gain root privileges. No exploit is currently available; however this\nissue is exploitable. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.\n\nArjan van de Ven discovered a flaw in ncp_lookup() in ncpfs that could\nallow local privilege escalation. ncpfs is only used to allow a system to\nmount volumes of NetWare servers or print to NetWare printers. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2004-0010 to this issue.\n\nAll users are advised to upgrade to these errata packages, which contain\nbackported security patches that correct these issues. \n\nRed Hat would like to thank Paul Starzetz from ISEC for reporting this\nissue CAN-2004-0077.", "modified": "2018-03-14T19:26:52", "published": "2004-03-05T05:00:00", "id": "RHSA-2004:069", "href": "https://access.redhat.com/errata/RHSA-2004:069", "type": "redhat", "title": "(RHSA-2004:069) kernel security update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:50", "bulletinFamily": "unix", "description": "The Linux kernel handles the basic functions of the operating system.\n\nAlan Cox found issues in the R128 Direct Render Infrastructure that\ncould allow local privilege escalation. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2004-0003 to\nthis issue.\n\nThe C-Media PCI sound driver in Linux before 2.4.22 does not use the\nget_user function to access userspace in certain conditions, which crosses\nsecurity boundaries. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2003-0700 to this issue.\n\nAn overflow was found in the ixj telephony card driver in Linux kernels\nprior to 2.4.20. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2002-1574 to this issue.\n\nAll users are advised to upgrade to these errata packages, which contain\nbackported security patches that corrects these issues. These packages\nalso contain a fix to enhance NFS performance, which was degraded in the\nlast kernel update as part of Update 3.", "modified": "2018-03-14T19:26:33", "published": "2004-02-03T05:00:00", "id": "RHSA-2004:044", "href": "https://access.redhat.com/errata/RHSA-2004:044", "type": "redhat", "title": "(RHSA-2004:044) kernel security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:09", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 479-1 security@debian.org\r\nhttp://www.debian.org/security/ Martin Schulze\r\nApril 14th, 2004 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : kernel-source-2.4.18 kernel-image-2.4.18-1-alpha kernel-image-2.4.18-1-i386 kernel-image-2.4.18-i386bf\r\nkernel-patch-2.4.18-powerpc\r\nVulnerability : several vulnerabilities\r\nProblem-Type : local\r\nDebian-specific: no\r\nCVE ID : CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178\r\n\r\nSeveral serious problems have been discovered in the Linux kernel.\r\nThis update takes care of Linux 2.4.18 for the alpha, i386 and powerpc\r\narchitectures. The Common Vulnerabilities and Exposures project\r\nidentifies the following problems that will be fixed with this update:\r\n\r\nCAN-2004-0003\r\n\r\n A vulnerability has been discovered in the R128 drive in the Linux\r\n kernel which could potentially lead an attacker to gain\r\n unauthorised privileges. Alan Cox and Thomas Biege developed a\r\n correction for this\r\n\r\nCAN-2004-0010\r\n\r\n Arjan van de Ven discovered a stack-based buffer overflow in the\r\n ncp_lookup function for ncpfs in the Linux kernel, which could\r\n lead an attacker to gain unauthorised privileges. Petr Vandrovec\r\n developed a correction for this.\r\n\r\nCAN-2004-0109\r\n\r\n zen-parse discovered a buffer overflow vulnerability in the\r\n ISO9660 filesystem component of Linux kernel which could be abused\r\n by an attacker to gain unauthorised root access. Sebastian\r\n Krahmer and Ernie Petrides developed a correction for this.\r\n\r\nCAN-2004-0177\r\n\r\n Solar Designer discovered an information leak in the ext3 code of\r\n Linux. In a worst case an attacker could read sensitive data such\r\n as cryptographic keys which would otherwise never hit disk media.\r\n Theodore Ts'o developed a correction for this.\r\n\r\nCAN-2004-0178\r\n\r\n Andreas Kies discovered a denial of service condition in the Sound\r\n Blaster driver in Linux. He also developed a correction.\r\n\r\nThese problems will also be fixed by upstream in Linux 2.4.26 and\r\nfuture versions of 2.6.\r\n\r\nThe following security matrix explains which kernel versions for which\r\narchitecture are already fixed. Kernel images in the unstable Debian\r\ndistribution (sid) will be fixed soon.\r\n\r\nArchitecture stable (woody) unstable (sid) removed in sid\r\nsource 2.4.18-14.3 2.4.25-3 --\r\nalpha 2.4.18-15 soon --\r\ni386 2.4.18-13 soon --\r\ni386bf 2.4.18-5woody8 soon --\r\npowerpc 2.4.18-1woody5 2.4.25-8 2.4.22\r\n\r\nWe recommend that you upgrade your kernel packages immediately, either\r\nwith a Debian provided kernel or with a self compiled one.\r\n\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 3.0 alias woody\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3.dsc\r\n Size/MD5 checksum: 664 a9d96cc8553c3a9085bad09e071c5814\r\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3.diff.gz\r\n Size/MD5 checksum: 70724 4de077af92c196a6af7797d1ceea4004\r\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18.orig.tar.gz\r\n Size/MD5 checksum: 29818323 24b4c45a04a23eb4ce465eb326a6ddf2\r\n\r\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15.dsc\r\n Size/MD5 checksum: 876 453a2a47eb3c6b748e75e0cb65bdd6bb\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-alpha_2.4.18-15.tar.gz\r\n Size/MD5 checksum: 24922 f822e7999659ddcfd53dee73894afdc1\r\n\r\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.dsc\r\n Size/MD5 checksum: 1327 d37593f6e47c2b9809530eb54deeae3e\r\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-i386_2.4.18-13.tar.gz\r\n Size/MD5 checksum: 70213 c795ba781adbd8a19202d8d986a3d0da\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody8.dsc\r\n Size/MD5 checksum: 656 278af48a357187864c52382eeb13451d\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-i386bf_2.4.18-5woody8.tar.gz\r\n Size/MD5 checksum: 26780 1f0c2eba8d3d90eef1a183f6b27f1fff\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5.dsc\r\n Size/MD5 checksum: 713 77511f3afefed1dd71c1f73e2e036000\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5.tar.gz\r\n Size/MD5 checksum: 79970 2720d9864cdd05bfc6b3bd7228ca9083\r\n\r\n Architecture independent components:\r\n\r\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-doc-2.4.18_2.4.18-14.3_all.deb\r\n Size/MD5 checksum: 1720106 f25772ce2d398adc25509a1ae040c76f\r\n http://security.debian.org/pool/updates/main/k/kernel-source-2.4.18/kernel-source-2.4.18_2.4.18-14.3_all.deb\r\n Size/MD5 checksum: 24138244 d63666d64cb91f59f2feded30ef8ea70\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-patch-2.4.18-powerpc_2.4.18-1woody5_all.deb\r\n Size/MD5 checksum: 79722 d822eaa6adcdd517d600d62c819db7b6\r\n\r\n Alpha architecture:\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1_2.4.18-15_alpha.deb\r\n Size/MD5 checksum: 3363486 862f6e8f85737dd13c6ca9b760384f1a\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-generic_2.4.18-15_alpha.deb\r\n Size/MD5 checksum: 3512910 935ef424b222d336a642b2e7cd291e4a\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-headers-2.4.18-1-smp_2.4.18-15_alpha.deb\r\n Size/MD5 checksum: 3515528 6ef19a362ec019e79fdb057fea1c9fc2\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-generic_2.4.18-15_alpha.deb\r\n Size/MD5 checksum: 12424690 725ff255cf8941cfb5c77581d8a518d4\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-alpha/kernel-image-2.4.18-1-smp_2.4.18-15_alpha.deb\r\n Size/MD5 checksum: 12801130 8d15f05215223ffcf9b11b3f682667d3\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 3429534 1aac0648c6f5fdee84721799806ef07a\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-386_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 3446290 a13776eb95c3661696f86e06a6dbac48\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-586tsc_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 3446482 233230438756120878a4e4b96876e61b\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 3446444 b5f8437bfd3279ed3f4b2f63fc2d75f5\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-686-smp_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 3446458 6dbbfba03667156316b184bd939d21e2\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k6_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 3446350 ff76c153c3eb285b1f7b035223bc1e39\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-headers-2.4.18-1-k7_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 3446324 dc2a142c75db787fdeb8a0c8e8941d1a\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-386_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 1154336 96f1e8262a5b11a8498d70643e87f546\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-586tsc_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 1154362 8b4bc947b6ab39a2deb0731f891889f3\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 1154358 a6e7db160b30f90711be11260128a6bb\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-686-smp_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 1154414 cde845ca2c7b351ce79b66965a04a748\r\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k6_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 1154338 407aa3a3a95aa5cd8aaf5b34b306b1a4\r\n http://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-image-2.4.18-1-k7_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 1154342 152aca9d4a2d7014a9834c239d754d0e\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-386_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 5746 9a5675e9da37620b2b3c8dc1aebfa5d0\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-586tsc_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 5758 325071afd718f4c0c1ba8769aba9864d\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 5778 212f47c992067729e8eb3da05c89c242\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-686-smp_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 5804 683e3a330cfde650ede99e8a6a771149\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k6_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 5760 8a73b13a799928232f5028be37356ad2\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-1-i386/kernel-pcmcia-modules-2.4.18-1-k7_2.4.18-13_i386.deb\r\n Size/MD5 checksum: 5762 be2713125a6111ab76458e07d42f3634\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-headers-2.4.18-bf2.4_2.4.18-5woody8_i386.deb\r\n Size/MD5 checksum: 3411032 c97ea4fcff846ac6d0dc945d601cb97c\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-image-2.4.18-i386bf/kernel-image-2.4.18-bf2.4_2.4.18-5woody8_i386.deb\r\n Size/MD5 checksum: 6425640 83dc812db817e703eaa21451d048f4f7\r\n\r\n PowerPC architecture:\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-headers-2.4.18_2.4.18-1woody5_powerpc.deb\r\n Size/MD5 checksum: 3433044 0836b0d1fbcc5c9f440d5c75ff14f006\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-newpmac_2.4.18-1woody5_powerpc.deb\r\n Size/MD5 checksum: 9456688 4473c2577d3be988993219b82ed90eda\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc_2.4.18-1woody5_powerpc.deb\r\n Size/MD5 checksum: 10105472 ae0b1d57bfc8593d9aa4ad1403044607\r\n \r\nhttp://security.debian.org/pool/updates/main/k/kernel-patch-2.4.18-powerpc/kernel-image-2.4.18-powerpc-smp_2.4.18-1woody5_powerpc.deb\r\n Size/MD5 checksum: 10351786 f84fe609d7192a51c4f091c1c0893680\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next revision.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.2.4 (GNU/Linux)\r\n\r\niD8DBQFAfVAvW5ql+IAeqTIRAl2ZAJ9iOjA7z+AE4QFETph/RgdpfKu3WwCfdBmo\r\nl3YTSWUqfR8Uz29E6qhoitY=\r\n=tRLO\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.netsys.com/full-disclosure-charter.html", "modified": "2004-04-14T00:00:00", "published": "2004-04-14T00:00:00", "id": "SECURITYVULNS:DOC:6068", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:6068", "title": "[Full-Disclosure] [SECURITY] [DSA 479-1] New Linux 2.4.18 packages fix local root exploit (source+alpha+i386+powerpc)", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:08", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ---------------------------------------------------------------------\r\n Red Hat Security Advisory\r\n\r\nSynopsis: Updated 2.4 kernel fixes vulnerabilities\r\nAdvisory ID: RHSA-2003:238-01\r\nIssue date: 2003-07-21\r\nUpdated on: 2003-07-21\r\nProduct: Red Hat Linux\r\nKeywords: \r\nCross references: \r\nObsoletes: RHSA-2003:098 RHBA-2003:135 RHSA-2003:172 RHSA-2003:187\r\nCVE Names: CAN-2003-0461 CAN-2003-0462 CAN-2003-0476 CAN-2003-0501 CAN-2003-0550\r\nCAN-2003-0551 CAN-2003-0552\r\n- ---------------------------------------------------------------------\r\n\r\n1. Topic:\r\n\r\nUpdated kernel packages are now available fixing several security\r\nvulnerabilities.\r\n\r\n2. Relevant releases/architectures:\r\n\r\nRed Hat Linux 7.1 - athlon, i386, i586, i686\r\nRed Hat Linux 7.2 - athlon, i386, i586, i686\r\nRed Hat Linux 7.3 - athlon, i386, i586, i686\r\nRed Hat Linux 8.0 - athlon, i386, i586, i686\r\nRed Hat Linux 9 - athlon, i386, i586, i686\r\n\r\n3. Problem description:\r\n\r\nThe Linux kernel handles the basic functions of the operating system.\r\n\r\nSeveral security issues have been discovered affecting the Linux kernel:\r\n\r\nCAN-2003-0461: /proc/tty/driver/serial reveals the exact character counts\r\nfor serial links. This could be used by a local attacker to infer password\r\nlengths and inter-keystroke timings during password entry.\r\n\r\nCAN-2003-0462: Paul Starzetz discovered a file read race condition existing\r\nin the execve() system call, which could cause a local crash.\r\n\r\nCAN-2003-0464: A recent change in the RPC code set the reuse flag on\r\nnewly-created sockets. Olaf Kirch noticed that his could allow normal\r\nusers to bind to UDP ports used for services such as nfsd.\r\n\r\nCAN-2003-0476: The execve system call in Linux 2.4.x records the file\r\ndescriptor of the executable process in the file table of the calling\r\nprocess, allowing local users to gain read access to restricted file\r\ndescriptors. \r\n\r\nCAN-2003-0501: The /proc filesystem in Linux allows local users to obtain\r\nsensitive information by opening various entries in /proc/self before\r\nexecuting a setuid program. This causes the program to fail to change the\r\nownership and permissions of already opened entries.\r\n \r\nCAN-2003-0550: The STP protocol is known to have no security, which could\r\nallow attackers to alter the bridge topology. STP is now turned off by\r\ndefault.\r\n\r\nCAN-2003-0551: STP input processing was lax in its length checking, which\r\ncould lead to a denial of service.\r\n\r\nCAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table could\r\nbe spoofed by sending forged packets with bogus source addresses the same\r\nas the local host. \r\n\r\nAll users are advised to upgrade to these errata packages, which contain\r\nbackported security patches correcting these vulnerabilities.\r\n \r\n\r\nImportant:\r\n\r\nIf you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from\r\nRHSA-2003-187, and if you use Red Hat Linux 7.2 or 7.3, you must have\r\ninstalled quota-3.06-9.7 from RHSA-2003-187.\r\n\r\n4. Solution:\r\n\r\nBefore applying this update, make sure all previously released errata\r\nrelevant to your system have been applied.\r\n\r\nTo use Red Hat Network to upgrade the kernel, launch the Red Hat Update\r\nAgent with the following command:\r\n\r\nup2date\r\n\r\nThis will start an interactive process that will result in the appropriate\r\nRPMs being upgraded on your system. Note that you need to select the\r\nkernel explicitly if you are using the default configuration of up2date.\r\n\r\nTo install kernel packages manually, use "rpm -ivh <package>" and\r\nmodify system settings to boot the kernel you have installed. To\r\ndo this, edit /boot/grub/grub.conf and change the default entry to\r\n"default=0" (or, if you have chosen to use LILO as your boot loader,\r\nedit /etc/lilo.conf and run lilo)\r\n\r\nDo not use "rpm -Uvh" as that will remove your running kernel binaries\r\nfrom your system. You may use "rpm -e" to remove old kernels after\r\ndetermining that the new kernel functions properly on your system.\r\n\r\n5. RPMs required:\r\n\r\nRed Hat Linux 7.1:\r\n\r\nSRPMS:\r\nftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm\r\n\r\nathlon:\r\nftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm\r\nftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm\r\n\r\ni386:\r\nftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm\r\n\r\ni586:\r\nftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.20-19.7.i586.rpm\r\nftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm\r\n\r\ni686:\r\nftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.20-19.7.i686.rpm\r\nftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm\r\nftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm\r\n\r\nRed Hat Linux 7.2:\r\n\r\nSRPMS:\r\nftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm\r\n\r\nathlon:\r\nftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm\r\nftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm\r\n\r\ni386:\r\nftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm\r\n\r\ni586:\r\nftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.20-19.7.i586.rpm\r\nftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm\r\n\r\ni686:\r\nftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.20-19.7.i686.rpm\r\nftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm\r\nftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm\r\n\r\nRed Hat Linux 7.3:\r\n\r\nSRPMS:\r\nftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm\r\n\r\nathlon:\r\nftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm\r\nftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm\r\n\r\ni386:\r\nftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm\r\nftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm\r\n\r\ni586:\r\nftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.20-19.7.i586.rpm\r\nftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm\r\n\r\ni686:\r\nftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.20-19.7.i686.rpm\r\nftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm\r\nftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm\r\n\r\nRed Hat Linux 8.0:\r\n\r\nSRPMS:\r\nftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.20-19.8.src.rpm\r\n\r\nathlon:\r\nftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.20-19.8.athlon.rpm\r\nftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.20-19.8.athlon.rpm\r\n\r\ni386:\r\nftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.20-19.8.i386.rpm\r\nftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.20-19.8.i386.rpm\r\nftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.20-19.8.i386.rpm\r\nftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.20-19.8.i386.rpm\r\n\r\ni586:\r\nftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.20-19.8.i586.rpm\r\nftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.20-19.8.i586.rpm\r\n\r\ni686:\r\nftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.20-19.8.i686.rpm\r\nftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.20-19.8.i686.rpm\r\nftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.20-19.8.i686.rpm\r\n\r\nRed Hat Linux 9:\r\n\r\nSRPMS:\r\nftp://updates.redhat.com/9/en/os/SRPMS/kernel-2.4.20-19.9.src.rpm\r\n\r\nathlon:\r\nftp://updates.redhat.com/9/en/os/athlon/kernel-2.4.20-19.9.athlon.rpm\r\nftp://updates.redhat.com/9/en/os/athlon/kernel-smp-2.4.20-19.9.athlon.rpm\r\n\r\ni386:\r\nftp://updates.redhat.com/9/en/os/i386/kernel-2.4.20-19.9.i386.rpm\r\nftp://updates.redhat.com/9/en/os/i386/kernel-source-2.4.20-19.9.i386.rpm\r\nftp://updates.redhat.com/9/en/os/i386/kernel-doc-2.4.20-19.9.i386.rpm\r\nftp://updates.redhat.com/9/en/os/i386/kernel-BOOT-2.4.20-19.9.i386.rpm\r\n\r\ni586:\r\nftp://updates.redhat.com/9/en/os/i586/kernel-2.4.20-19.9.i586.rpm\r\nftp://updates.redhat.com/9/en/os/i586/kernel-smp-2.4.20-19.9.i586.rpm\r\n\r\ni686:\r\nftp://updates.redhat.com/9/en/os/i686/kernel-2.4.20-19.9.i686.rpm\r\nftp://updates.redhat.com/9/en/os/i686/kernel-smp-2.4.20-19.9.i686.rpm\r\nftp://updates.redhat.com/9/en/os/i686/kernel-bigmem-2.4.20-19.9.i686.rpm\r\n\r\n\r\n\r\n6. Verification:\r\n\r\nMD5 sum Package Name\r\n- --------------------------------------------------------------------------\r\n698d00bb8d014e20e717b554aa582bf5 7.1/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm\r\n41a8c2599df485a6299bcde0a25ae284 7.1/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm\r\ndc872a77835fc0fd81d54905ba979183 7.1/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm\r\n41e4f2992c6beaf0a4d3fdbb631c5e9d 7.1/en/os/i386/kernel-2.4.20-19.7.i386.rpm\r\n64894543c12748599d6abb945d0c03c9 7.1/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm\r\n02634a9fdecc9a9b8c028187b9c0dccc 7.1/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm\r\n537f69c51f85b04130082d06a6497946 7.1/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm\r\n7e6672a3758853a9fe482dd1840b570c 7.1/en/os/i586/kernel-2.4.20-19.7.i586.rpm\r\na17f6e2e1ec4cd10fa34377092bfb075 7.1/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm\r\na7a968d159074b0d7d9bf570e0d4453b 7.1/en/os/i686/kernel-2.4.20-19.7.i686.rpm\r\n50e7098370f3184b9f8170883a63af4c 7.1/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm\r\n5e28ba6b0d2e8562f572de0b0724eeb7 7.1/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm\r\n698d00bb8d014e20e717b554aa582bf5 7.2/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm\r\n41a8c2599df485a6299bcde0a25ae284 7.2/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm\r\ndc872a77835fc0fd81d54905ba979183 7.2/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm\r\n41e4f2992c6beaf0a4d3fdbb631c5e9d 7.2/en/os/i386/kernel-2.4.20-19.7.i386.rpm\r\n64894543c12748599d6abb945d0c03c9 7.2/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm\r\n02634a9fdecc9a9b8c028187b9c0dccc 7.2/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm\r\n537f69c51f85b04130082d06a6497946 7.2/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm\r\n7e6672a3758853a9fe482dd1840b570c 7.2/en/os/i586/kernel-2.4.20-19.7.i586.rpm\r\na17f6e2e1ec4cd10fa34377092bfb075 7.2/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm\r\na7a968d159074b0d7d9bf570e0d4453b 7.2/en/os/i686/kernel-2.4.20-19.7.i686.rpm\r\n50e7098370f3184b9f8170883a63af4c 7.2/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm\r\n5e28ba6b0d2e8562f572de0b0724eeb7 7.2/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm\r\n698d00bb8d014e20e717b554aa582bf5 7.3/en/os/SRPMS/kernel-2.4.20-19.7.src.rpm\r\n41a8c2599df485a6299bcde0a25ae284 7.3/en/os/athlon/kernel-2.4.20-19.7.athlon.rpm\r\ndc872a77835fc0fd81d54905ba979183 7.3/en/os/athlon/kernel-smp-2.4.20-19.7.athlon.rpm\r\n41e4f2992c6beaf0a4d3fdbb631c5e9d 7.3/en/os/i386/kernel-2.4.20-19.7.i386.rpm\r\n64894543c12748599d6abb945d0c03c9 7.3/en/os/i386/kernel-BOOT-2.4.20-19.7.i386.rpm\r\n02634a9fdecc9a9b8c028187b9c0dccc 7.3/en/os/i386/kernel-doc-2.4.20-19.7.i386.rpm\r\n537f69c51f85b04130082d06a6497946 7.3/en/os/i386/kernel-source-2.4.20-19.7.i386.rpm\r\n7e6672a3758853a9fe482dd1840b570c 7.3/en/os/i586/kernel-2.4.20-19.7.i586.rpm\r\na17f6e2e1ec4cd10fa34377092bfb075 7.3/en/os/i586/kernel-smp-2.4.20-19.7.i586.rpm\r\na7a968d159074b0d7d9bf570e0d4453b 7.3/en/os/i686/kernel-2.4.20-19.7.i686.rpm\r\n50e7098370f3184b9f8170883a63af4c 7.3/en/os/i686/kernel-bigmem-2.4.20-19.7.i686.rpm\r\n5e28ba6b0d2e8562f572de0b0724eeb7 7.3/en/os/i686/kernel-smp-2.4.20-19.7.i686.rpm\r\ncf43c708a8c9b92a273aad9782ebe3fc 8.0/en/os/SRPMS/kernel-2.4.20-19.8.src.rpm\r\n8fc7f90b8e8d557c41d6cf2547952c1d 8.0/en/os/athlon/kernel-2.4.20-19.8.athlon.rpm\r\n52b18ab6ae28422e518642517644da35 8.0/en/os/athlon/kernel-smp-2.4.20-19.8.athlon.rpm\r\nfbfff1b36f17e26e6a1ce479ef49e365 8.0/en/os/i386/kernel-2.4.20-19.8.i386.rpm\r\n4d8350dd66be36060bf0551f36a9eb6f 8.0/en/os/i386/kernel-BOOT-2.4.20-19.8.i386.rpm\r\naf87de700f6b2568e6b7d5ed4ef75df1 8.0/en/os/i386/kernel-doc-2.4.20-19.8.i386.rpm\r\nb5e079c96b00226951564afcc2d4d5af 8.0/en/os/i386/kernel-source-2.4.20-19.8.i386.rpm\r\n8cc317a6f56dbdc0c1464a7e96ee37b8 8.0/en/os/i586/kernel-2.4.20-19.8.i586.rpm\r\na552754aad9099019c18cdc8d5cb1f41 8.0/en/os/i586/kernel-smp-2.4.20-19.8.i586.rpm\r\n9f0d0622b37dc199e8cb79acfc426d74 8.0/en/os/i686/kernel-2.4.20-19.8.i686.rpm\r\nf91b6e385290e82075c2b321247f8ada 8.0/en/os/i686/kernel-bigmem-2.4.20-19.8.i686.rpm\r\n9856cb68f2f32410ae5ffc7a9789bccb 8.0/en/os/i686/kernel-smp-2.4.20-19.8.i686.rpm\r\n6ca9ea03ece1c3a40d0c1acb5bb5d2f2 9/en/os/SRPMS/kernel-2.4.20-19.9.src.rpm\r\n2e1ecff32d8c91126f96032576afbe7b 9/en/os/athlon/kernel-2.4.20-19.9.athlon.rpm\r\na22c6fc30dc64d1394361f93890fc23e 9/en/os/athlon/kernel-smp-2.4.20-19.9.athlon.rpm\r\n030ed2ec0324b58a1e80e8c7ee54effe 9/en/os/i386/kernel-2.4.20-19.9.i386.rpm\r\nf97f319353b32eeb2f96a0311135c856 9/en/os/i386/kernel-BOOT-2.4.20-19.9.i386.rpm\r\nd31fe42a6b1269362dd70ee361bdc94d 9/en/os/i386/kernel-doc-2.4.20-19.9.i386.rpm\r\n0daf50da25ade8cce42e7445dfe0d24c 9/en/os/i386/kernel-source-2.4.20-19.9.i386.rpm\r\nbd471aa92a83aa40c6fc4ee06e5f2f0e 9/en/os/i586/kernel-2.4.20-19.9.i586.rpm\r\ncafec48037739216070833def01a3832 9/en/os/i586/kernel-smp-2.4.20-19.9.i586.rpm\r\ne940c18ed58ca525ba0545be23ce43b4 9/en/os/i686/kernel-2.4.20-19.9.i686.rpm\r\nb2216f3ac6697ca319ed8547a1edb320 9/en/os/i686/kernel-bigmem-2.4.20-19.9.i686.rpm\r\nbb8b49b539bf16b8bce329d80dfafaca 9/en/os/i686/kernel-smp-2.4.20-19.9.i686.rpm\r\n\r\n\r\nThese packages are GPG signed by Red Hat for security. Our key is\r\navailable from http://www.redhat.com/security/keys.html\r\n\r\nYou can verify each package with the following command:\r\n \r\n rpm --checksig -v <filename>\r\n\r\nIf you only wish to verify that each package has not been corrupted or\r\ntampered with, examine only the md5sum with the following command:\r\n \r\n md5sum <filename>\r\n\r\n\r\n7. References:\r\n\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0461\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0462\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0476\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0501\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0550\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0551\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0552\r\n\r\n8. Contact:\r\n\r\nThe Red Hat security contact is <secalert@redhat.com>. More contact\r\ndetails at http://www.redhat.com/solutions/security/news/contact.html\r\n\r\nCopyright 2003 Red Hat, Inc.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.0.7 (GNU/Linux)\r\n\r\niD8DBQE/HAkuXlSAg2UNWIIRAsz6AKCknjao8gejYDstoUdX3cOd+GQ1WgCgjGyn\r\nA7P+z9B6vegwVVNgIWdEGBY=\r\n=6vJH\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2003-07-22T00:00:00", "published": "2003-07-22T00:00:00", "id": "SECURITYVULNS:DOC:4884", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:4884", "title": "[RHSA-2003:238-01] Updated 2.4 kernel fixes vulnerabilities", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:04", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nISS X-Force ID: 12727\n[CVE-2003-0465](https://vulners.com/cve/CVE-2003-0465)\nCIAC Advisory: o-145\nBugtraq ID: 10331\n", "modified": "2003-07-11T00:00:00", "published": "2003-07-11T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:9593", "id": "OSVDB:9593", "title": "Linux Kernel strncpy Function %NUL Pad Information Disclosure", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-04-28T13:19:57", "bulletinFamily": "software", "description": "## Vulnerability Description\nThe Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The vulnerability is caused due to an unspecified error in \"/dev/rtc\" real time clock routines, which may disclose parts of kernel memory to unprivileged users. It potentially can be exploited by malicious, local users to gain knowledge of sensitive information.\n## Solution Description\nUpgrade to version 2.4.24 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nThe Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The vulnerability is caused due to an unspecified error in \"/dev/rtc\" real time clock routines, which may disclose parts of kernel memory to unprivileged users. It potentially can be exploited by malicious, local users to gain knowledge of sensitive information.\n## References:\nVendor URL: http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24\nVendor Specific Solution URL: http://www.suse.com/de/security/2003_049_kernel.html\n[Vendor Specific Advisory URL](http://www.suse.com/de/security/2003_049_kernel.html)\n[Vendor Specific Advisory URL](http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000799)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1067)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1069)\n[Vendor Specific Advisory URL](http://smoothwall.org/security/advisories/SWP-2004.001.html)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1070)\n[Vendor Specific Advisory URL](http://rhn.redhat.com/errata/RHSA-2003-417.html)\n[Vendor Specific Advisory URL](http://www.us.debian.org/security/2006/dsa-1082)\n[Secunia Advisory ID:20162](https://secuniaresearch.flexerasoftware.com/advisories/20162/)\n[Secunia Advisory ID:20163](https://secuniaresearch.flexerasoftware.com/advisories/20163/)\n[Secunia Advisory ID:10533](https://secuniaresearch.flexerasoftware.com/advisories/10533/)\n[Secunia Advisory ID:20202](https://secuniaresearch.flexerasoftware.com/advisories/20202/)\n[Secunia Advisory ID:20338](https://secuniaresearch.flexerasoftware.com/advisories/20338/)\nOther Advisory URL: http://www.linuxsecurity.com/advisories/engarde_advisory-3904.html\nISS X-Force ID: 13943\n[CVE-2003-0984](https://vulners.com/cve/CVE-2003-0984)\nBugtraq ID: 9154\n", "modified": "2004-01-05T12:12:26", "published": "2004-01-05T12:12:26", "href": "https://vulners.com/osvdb/OSVDB:3317", "id": "OSVDB:3317", "title": "Linux Kernel Real Time Clock Kernel Memory Disclosure", "type": "osvdb", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:05", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html\n[Secunia Advisory ID:9402](https://secuniaresearch.flexerasoftware.com/advisories/9402/)\nRedHat RHSA: RHSA-2003:238\nOVAL ID: 304\nOVAL ID: 997\n[CVE-2003-0461](https://vulners.com/cve/CVE-2003-0461)\n", "modified": "2002-05-03T00:00:00", "published": "2002-05-03T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:10298", "id": "OSVDB:10298", "type": "osvdb", "title": "Linux Kernel Serial Link Information Disclosure", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-04-28T13:19:58", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:10912](https://secuniaresearch.flexerasoftware.com/advisories/10912/)\n[CVE-2004-0010](https://vulners.com/cve/CVE-2004-0010)\n", "modified": "2004-02-19T04:56:02", "published": "2004-02-19T04:56:02", "href": "https://vulners.com/osvdb/OSVDB:3992", "id": "OSVDB:3992", "type": "osvdb", "title": "Linux kernel ncpfs Privilege Escalation ", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-28T13:19:58", "bulletinFamily": "software", "description": "## Vulnerability Description\nLinux contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is unspecified, but related to \"R128 DRI limits checking.\" This flaw may lead to a loss of confidentiality, integrity and/or availability.\n## Solution Description\nUpgrade to version 2.4.22 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nLinux contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is unspecified, but related to \"R128 DRI limits checking.\" This flaw may lead to a loss of confidentiality, integrity and/or availability.\n## References:\nVendor URL: http://www.kernel.org\n[Secunia Advisory ID:12075](https://secuniaresearch.flexerasoftware.com/advisories/12075/)\n[Secunia Advisory ID:10782](https://secuniaresearch.flexerasoftware.com/advisories/10782/)\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000846\n[CVE-2004-0003](https://vulners.com/cve/CVE-2004-0003)\n", "modified": "2004-02-04T06:58:15", "published": "2004-02-04T06:58:15", "href": "https://vulners.com/osvdb/OSVDB:3807", "id": "OSVDB:3807", "type": "osvdb", "title": "Linux Kernel R128 DRI Limits Checking Privilege Escalation", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "cert": [{"lastseen": "2019-10-09T19:52:34", "bulletinFamily": "info", "description": "### Overview \n\nThere is a vulnerability in the Linux kernel memory management routines that allows local users to gain superuser privileges.\n\n### Description \n\nThe Linux kernel contains a vulnerability in the do_mremap() call that allows software to create a virtual memory area (VMA) with a length of 0 bytes. This vulnerability is reported to exist in versions 2.4.23 and earlier, excluding 2.2.x versions. Because the vulnerability is located within the kernel, multiple Linux distributions will be affected. An attacker with local access to an affected host may be able to exploit this vulnerability and gain superuser privileges. \n \n--- \n \n### Impact \n\nThis vulnerability allows local users to gain superuser privileges on affected hosts. \n \n--- \n \n### Solution \n\n**Apply a patch from your vendor**\n\nThis vulnerability affects multiple Linux distributions; please see the Systems Affected section of this document for information on specific vendors. \n \n--- \n \n### Vendor Information\n\n490620\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Vendor has issued information\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n__ Affected __ Unknown __ Unaffected \n\n**Javascript is disabled. Click here to view vendors.**\n\n### __ __ Conectiva\n\nNotified: January 05, 2004 Updated: August 19, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n- -------------------------------------------------------------------------- \nCONECTIVA LINUX SECURITY ANNOUNCEMENT \n- -------------------------------------------------------------------------- \n \nPACKAGE : kernel \nSUMMARY : Fix for two vulnerabilities \nDATE : 2004-01-05 13:46:00 \nID : CLA-2004:799 \nRELEVANT \nRELEASES : 8, 9 \n \n- ------------------------------------------------------------------------- \n \nDESCRIPTION \nThe Linux kernel is responsible for handling the basic functions of \nthe GNU/Linux operating system. \n \nThis announcement fixes two local vulnerabilities in the kernel \npackage: \n \n1) mremap() local vulnerability (CAN-2003-0985[2]) \nPaul Starzetz <ihaquer@isec.pl> from iSEC Security Research \nreported[1] another vulnerability in the Linux memory management code \nwhich can be used by local attackers to obtain root privileges or \ncause a denial of service condition (DoS). \n \n2) Information leak in RTC code (CAN-2003-0984[3]) \nRussell King <rmk@arm.linux.org.uk> reported that real time clock \n(RTC) routines in Linux kernel 2.4.23 and earlier do not properly \ninitialize their structures, which could leak kernel data to user \nspace. \n \n \nSOLUTION \nIt is recommended that all Conectiva Linux users upgrade the kernel \npackage. \n \nIMPORTANT: exercise caution and preparation when upgrading the \nkernel, since it will require a reboot after the new packages are \ninstalled. In particular, Conectiva Linux 9 will most likely require \nan initrd file (which is automatically created in the /boot directory \nafter the new packages are installed). Generic kernel update \ninstructions can be obtained in the manuals and in our faq page[4]. \n \n \nREFERENCES \n1.http://isec.pl/vulnerabilities/isec-0013-mremap.txt \n2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985 \n3.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0984 \n4.http://www.conectiva.com.br/suporte/pr/sistema.kernel.atualizar.html \n \n \nUPDATED PACKAGES \n<ftp://atualizacoes.conectiva.com.br/8/SRPMS/kernel-2.4.19-1U80_20cl.src.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/devfsd-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_20cl.i586.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-2.4.19-1U80_20cl.i686.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-BOOT-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-doc-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-enterprise-2.4.19-1U80_20cl.i686.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-headers-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-rbc-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_20cl.i586.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-smp-2.4.19-1U80_20cl.i686.rpm> \n<ftp://atualizacoes.conectiva.com.br/8/RPMS/kernel-source-2.4.19-1U80_20cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/SRPMS/kernel24-2.4.21-31301U90_13cl.src.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/devfsd-2.4.21-31301U90_13cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_13cl.athlon.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_13cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_13cl.i586.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_13cl.i686.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-2.4.21-31301U90_13cl.pentium4.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-BOOT-2.4.21-31301U90_13cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-doc-2.4.21-31301U90_13cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_13cl.athlon.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_13cl.i686.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-enterprise-2.4.21-31301U90_13cl.pentium4.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-rbc-2.4.21-31301U90_13cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-headers-2.4.21-31301U90_13cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_13cl.athlon.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_13cl.i386.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_13cl.i586.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_13cl.i686.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-smp-2.4.21-31301U90_13cl.pentium4.rpm> \n<ftp://atualizacoes.conectiva.com.br/9/RPMS/kernel24-source-2.4.21-31301U90_13cl.i386.rpm> \n \n \nADDITIONAL INSTRUCTIONS \nThe apt tool can be used to perform RPM packages upgrades: \n \n- run: apt-get update \n- after that, execute: apt-get upgrade \n \nDetailed instructions reagarding the use of apt and upgrade examples \ncan be found at <http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en> \n \n- ------------------------------------------------------------------------- \nAll packages are signed with Conectiva's GPG key. The key and instructions \non how to import it can be found at \n<http://distro.conectiva.com.br/seguranca/chave/?idioma=en> \nInstructions on how to check the signatures of the RPM packages can be \nfound at <http://distro.conectiva.com.br/seguranca/politica/?idioma=en> \n \n- ------------------------------------------------------------------------- \nAll our advisories and generic update instructions can be viewed at \n<http://distro.conectiva.com.br/atualizacoes/?idioma=en> \n \n- ------------------------------------------------------------------------- \nCopyright (c) 2003 Conectiva Inc. \n<http://www.conectiva.com> \n \n- ------------------------------------------------------------------------- \nsubscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br \nunsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br \n-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.0.6 (GNU/Linux) \nComment: For info see <http://www.gnupg.org> \n \niD8DBQE/+Ybk42jd0JmAcZARAlJKAJ9x6rYu5qb5jtj4LcLlOiujzTQW/ACgvvTj \nuK6MQOfSZS/wH32ltbNIXt0= \n=ZgeM \n-----END PGP SIGNATURE-----`\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Debian\n\nNotified: January 06, 2004 Updated: August 19, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nDebian has published several advisories to address this vulnerability across multiple processor architectures. For further details, please see the document that corresponds to your processor architecture and kernel version:\n\n \n[_DSA-450-1_](<http://www.debian.org/security/2004/dsa-450>) linux-kernel-2.4.19-mips -- several vulnerabilities \n[_DSA-442-1_](<http://www.debian.org/security/2004/dsa-442>) linux-kernel-2.4.17-s390 -- several vulnerabilities \n[_DSA-440-1_](<http://www.debian.org/security/2004/dsa-440>) linux-kernel-2.4.17-powerpc-apus -- several vulnerabilities \n[_DSA-439-1_](<http://www.debian.org/security/2004/dsa-439>) linux-kernel-2.4.16-arm -- several vulnerabilities \n[_DSA-427-1_](<http://www.debian.org/security/2004/dsa-427>) linux-kernel-2.4.17-mips+mipsel -- missing boundary check \n[_DSA-423-1_](<http://www.debian.org/security/2004/dsa-423>) linux-kernel-2.4.17-ia64 -- several vulnerabilities \n[_DSA-417-1_](<http://www.debian.org/security/2004/dsa-417>) linux-kernel-2.4.18-powerpc+alpha -- missing boundary check \n[_DSA-413-2_](<http://www.debian.org/security/2004/dsa-413>) linux-kernel-2.4.18 -- missing boundary check \n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ __ Guardian Digital Inc.\n\nNotified: January 05, 2004 Updated: August 19, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\n\\-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n \n+------------------------------------------------------------------------+ \n| Guardian Digital Security Advisory January 05, 2003 | \n| <http://www.guardiandigital.com> ESA-20040105-001 | \n| | \n| Package: kernel | \n| Summary: bug and security fixes. | \n+------------------------------------------------------------------------+ \n \nEnGarde Secure Linux is an enterprise class Linux platform engineered \nto enable corporations to quickly and cost-effectively build a complete \nand secure Internet presence while preventing Internet threats. \n \nOVERVIEW \n\\- -------- \nThis update fixes two security issues and one critical bug in the Linux \nKernel shipped with EnGarde Secure Linux. \n \nA summary of the bugs fixed: \n \n* An EnGarde-specific memory leak in the LIDS code has been fixed. \nThis memory leak could cause a machine, over time, to freeze up. \n \n* A security vulnerability in the mremap(2) system call was recently \ndiscovered by Paul Starzetz. The incorrect bounds checking done \nin this system call could be exploited by a local user to gain root \nprivileges. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the name CAN-2003-0985 to this issue. \n \n* A somewhat less critical vulnerability has been found in the Linux \nRTC code. This vulnerability may leak small bits of arbitrary \nkernel memory to user land. \n \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the name CAN-2003-0984 to this issue. \n \nGuardian Digital products affected by this issue include: \n \nEnGarde Secure Community 2 \nEnGarde Secure Professional v1.5 \n \nIt is recommended that all users apply this update as soon as possible. \n \nSOLUTION \n\\- -------- \nGuardian Digital Secure Network subscribers may automatically update \naffected systems by accessing their account from within the Guardian \nDigital WebTool. \n \nTo modify your GDSN account and contact preferences, please go to: \n \n<https://www.guardiandigital.com/account/> \n \nREFERENCES \n\\- ---------- \nGuardian Digital's public key: \n<http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY> \n \nOfficial Web Site of the Linux Kernel: \n<http://www.kernel.org/> \n \nGuardian Digital Advisories: \n<http://infocenter.guardiandigital.com/advisories/> \n \nSecurity Contact: security@guardiandigital.com \n \n\\- -------------------------------------------------------------------------- \nAuthor: Ryan W. Maple <ryan@guardiandigital.com> \nCopyright 2004, Guardian Digital, Inc. \n \n\\-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.2.2 (GNU/Linux) \n \niD8DBQE/+XJ8HD5cqd57fu0RAletAKCLtCixF4Qvs9hes1S+9UiTZY/tNQCdFjm1 \no6kgmRCVXNU+thpSaxg7zm0= \n=MU9t \n\\-----END PGP SIGNATURE-----\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ __ MandrakeSoft\n\nNotified: January 07, 2004 Updated: August 19, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n_______________________________________________________________________ \n \nMandrake Linux Security Update Advisory \n_______________________________________________________________________ \n \nPackage name: kernel \nAdvisory ID: MDKSA-2004:001 \nDate: January 7th, 2004 \n \nAffected versions: 9.0, 9.1, 9.2, Corporate Server 2.1, \nMulti Network Firewall 8.2 \n______________________________________________________________________ \n \nProblem Description: \n \nA flaw in bounds checking in mremap() in the Linux kernel versions \n2.4.23 and previous was discovered by Paul Starzetz. This flaw may \nbe used to allow a local attacker to obtain root privilege. \n \nAnother minor information leak in the RTC (real time clock) routines \nwas fixed as well. \n \nAll Mandrake Linux users are encouraged to upgrade to these packages \nimmediately. To update your kernel, please follow the directions \nlocated at: \n \n<http://www.mandrakesecure.net/en/kernelupdate.php> \n \nMandrake Linux 9.1 and 9.2 users should upgrade the initscripts (9.1) \nand bootloader-utils (9.2) packages prior to upgrading the kernel as \nthey contain a fixed installkernel script that fixes instances where \nthe loop module was not being loaded and would cause mkinitrd to fail. \n \nUsers requiring commercial NVIDIA drivers can find drivers for \nMandrake Linux 9.2 at MandrakeClub. \n_______________________________________________________________________ \n \nReferences: \n \n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985> \n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0984> \n______________________________________________________________________ \n \nUpdated Packages: \n \nCorporate Server 2.1: \n344b324173b04d135c00072452203021 corporate/2.1/RPMS/kernel-2.4.19.37mdk-1-1mdk.i586.rpm \n558b3f1e0ae41705a7e9d934d49947c4 corporate/2.1/RPMS/kernel-enterprise-2.4.19.37mdk-1-1mdk.i586.rpm \n6a06c2133a894e542caf6cedf72e6d89 corporate/2.1/RPMS/kernel-secure-2.4.19.37mdk-1-1mdk.i586.rpm \n45aaeb3cf17a0d59adfabf63e6d8de6f corporate/2.1/RPMS/kernel-smp-2.4.19.37mdk-1-1mdk.i586.rpm \nfd3c78a32146b808d3355e375e2a05b4 corporate/2.1/RPMS/kernel-source-2.4.19-37mdk.i586.rpm \nadc06d97e9468534ec14e330b102180c corporate/2.1/SRPMS/kernel-2.4.19.37mdk-1-1mdk.src.rpm \n \nCorporate Server 2.1/x86_64: \nd3d77a7084d6d5a976a8a40285ba03b6 x86_64/corporate/2.1/RPMS/kernel-2.4.19.34mdk-1-1mdk.x86_64.rpm \nb2bb6374e1f0e2db7ea9d3f13b4a0d6f x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.34mdk-1-1mdk.x86_64.rpm \n216d6cfcc6a3409228d1a5161c6b0aeb x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.34mdk-1-1mdk.x86_64.rpm \n780d0a110c2512006a4e9cb52afe463c x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-34mdk.x86_64.rpm \na1fb994e250ce11fc08e460dee0cddd5 x86_64/corporate/2.1/SRPMS/kernel-2.4.19.34mdk-1-1mdk.src.rpm \n \nMandrake Linux 9.0: \n344b324173b04d135c00072452203021 9.0/RPMS/kernel-2.4.19.37mdk-1-1mdk.i586.rpm \n558b3f1e0ae41705a7e9d934d49947c4 9.0/RPMS/kernel-enterprise-2.4.19.37mdk-1-1mdk.i586.rpm \n6a06c2133a894e542caf6cedf72e6d89 9.0/RPMS/kernel-secure-2.4.19.37mdk-1-1mdk.i586.rpm \n45aaeb3cf17a0d59adfabf63e6d8de6f 9.0/RPMS/kernel-smp-2.4.19.37mdk-1-1mdk.i586.rpm \nfd3c78a32146b808d3355e375e2a05b4 9.0/RPMS/kernel-source-2.4.19-37mdk.i586.rpm \nadc06d97e9468534ec14e330b102180c 9.0/SRPMS/kernel-2.4.19.37mdk-1-1mdk.src.rpm \n \nMandrake Linux 9.1: \n2bde1321f95b49fa456ade29d03f0212 9.1/RPMS/initscripts-7.06-12.3.91mdk.i586.rpm \n7e6a48635fc44714dd4efdd5714c1968 9.1/RPMS/kernel-2.4.21.0.27mdk-1-1mdk.i586.rpm \nf901e50a01fb020f31102a2cf494e817 9.1/RPMS/kernel-enterprise-2.4.21.0.27mdk-1-1mdk.i586.rpm \n10c60ba7a25f1e7b3ea1f19636afcc6b 9.1/RPMS/kernel-secure-2.4.21.0.27mdk-1-1mdk.i586.rpm \n6270d3d1ce00b5d85931145e1b27f8a4 9.1/RPMS/kernel-smp-2.4.21.0.27mdk-1-1mdk.i586.rpm \n165628ae2d42c0f2f9bf894d3e9fc432 9.1/RPMS/kernel-source-2.4.21-0.27mdk.i586.rpm \n8cfd6b274467b7165bd5985805254567 9.1/SRPMS/initscripts-7.06-12.3.91mdk.src.rpm \nb6cd338f787dc5062763004afa45e623 9.1/SRPMS/kernel-2.4.21.0.27mdk-1-1mdk.src.rpm \n \nMandrake Linux 9.1/PPC: \n08ec2073354e8d64ebf81a79cd5bc319 ppc/9.1/RPMS/initscripts-7.06-12.3.91mdk.ppc.rpm \n84f9d61c4b504c6ccce1f87344d96692 ppc/9.1/RPMS/kernel-2.4.21.0.27mdk-1-1mdk.ppc.rpm \nb389e5b0bffa3e166c2960d8e032fab1 ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.27mdk-1-1mdk.ppc.rpm \n0c0fd519aba807c43c78b89360ff26b1 ppc/9.1/RPMS/kernel-smp-2.4.21.0.27mdk-1-1mdk.ppc.rpm \nfeec3693688aedea8defd75da9cf6919 ppc/9.1/RPMS/kernel-source-2.4.21-0.27mdk.ppc.rpm \n8cfd6b274467b7165bd5985805254567 ppc/9.1/SRPMS/initscripts-7.06-12.3.91mdk.src.rpm \nb6cd338f787dc5062763004afa45e623 ppc/9.1/SRPMS/kernel-2.4.21.0.27mdk-1-1mdk.src.rpm \n \nMandrake Linux 9.2: \ndbae8a701a027e2a0aeb524643d3cdee 9.2/RPMS/bootloader-utils-1.6-3.1.92mdk.i586.rpm \n2f9b2ed7be3388932bbc319611a0b8b7 9.2/RPMS/kernel-2.4.22.26mdk-1-1mdk.i586.rpm \nb2f4fe01031d1bf8d26ea6c408be63f8 9.2/RPMS/kernel-enterprise-2.4.22.26mdk-1-1mdk.i586.rpm \ne0dc38c45880e6732a50feba5470eaac 9.2/RPMS/kernel-i686-up-4GB-2.4.22.26mdk-1-1mdk.i586.rpm \nf4c5098f1ef165692963956fbc844690 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.26mdk-1-1mdk.i586.rpm \n957ea9608c9e6488185e1d5b19d615e2 9.2/RPMS/kernel-secure-2.4.22.26mdk-1-1mdk.i586.rpm \n6c9bc5e4353a8f336a4bfe928a79bd13 9.2/RPMS/kernel-smp-2.4.22.26mdk-1-1mdk.i586.rpm \n8068ecb61313e6157811dbb8fe0f46a1 9.2/RPMS/kernel-source-2.4.22-26mdk.i586.rpm \n664a1994ee4c0d90df8f9341afa5b818 9.2/SRPMS/bootloader-utils-1.6-3.1.92mdk.src.rpm \n4d92e02dee3945e4b7476ba4bba9bf6d 9.2/SRPMS/kernel-2.4.22.26mdk-1-1mdk.src.rpm \n \nMandrake Linux 9.2/AMD64: \n603219ea9ca09a9283c98ebfaab3c1ba amd64/9.2/RPMS/bootloader-utils-1.6-3.1.92mdk.amd64.rpm \n2d44e7cd4ff2148e3b9e548fd1beec59 amd64/9.2/RPMS/kernel-2.4.22.27mdk-1-1mdk.amd64.rpm \ne98224df11f1c5f8c2432457e1e4a004 amd64/9.2/RPMS/kernel-secure-2.4.22.27mdk-1-1mdk.amd64.rpm \n0dd710693b0df96ac6b1e68c5f5ad7c9 amd64/9.2/RPMS/kernel-smp-2.4.22.27mdk-1-1mdk.amd64.rpm \nd3b57b8dd9a19a6b4ed2f8f01cfeb75f amd64/9.2/RPMS/kernel-source-2.4.22-27mdk.amd64.rpm \n664a1994ee4c0d90df8f9341afa5b818 amd64/9.2/SRPMS/bootloader-utils-1.6-3.1.92mdk.src.rpm \n945e4f9405fcccac6a844a86109b74b6 amd64/9.2/SRPMS/kernel-2.4.22.27mdk-1-1mdk.src.rpm \n \nMulti Network Firewall 8.2: \n15023427ad0c65e0607e217778bc6672 mnf8.2/RPMS/kernel-secure-2.4.19.37mdk-1-1mdk.i586.rpm \nadc06d97e9468534ec14e330b102180c mnf8.2/SRPMS/kernel-2.4.19.37mdk-1-1mdk.src.rpm \n_______________________________________________________________________ \n \nTo upgrade automatically use MandrakeUpdate or urpmi. The verification \nof md5 checksums and GPG signatures is performed automatically for you. \n \nA list of FTP mirrors can be obtained from: \n \n<http://www.mandrakesecure.net/en/ftp.php> \n \nAll packages are signed by MandrakeSoft for security. You can obtain \nthe GPG public key of the Mandrake Linux Security Team by executing: \n \ngpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98 \n \nPlease be aware that sometimes it takes the mirrors a few hours to \nupdate. \n \nYou can view other update advisories for Mandrake Linux at: \n \n<http://www.mandrakesecure.net/en/advisories/> \n \nMandrakeSoft has several security-related mailing list services that \nanyone can subscribe to. Information on these lists can be obtained by \nvisiting: \n \n<http://www.mandrakesecure.net/en/mlist.php> \n \nIf you want to report vulnerabilities, please contact \n \nsecurity_linux-mandrake.com \n \nType Bits/KeyID Date User ID \npub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team \n<security linux-mandrake.com> \n-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.0.7 (GNU/Linux) \n \niD8DBQE//ZQ2mqjQ0CJFipgRAhbiAJ9Ynq77P20SpN1fUtL/6T/6UHnGegCg8lul \nm3Iey37txkx7vLqlIj18EAo= \n=Bsd0 \n-----END PGP SIGNATURE-----`\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ __ Red Hat Inc.\n\nNotified: January 05, 2004 Updated: August 19, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\n\\-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n\\- --------------------------------------------------------------------- \nRed Hat Security Advisory \n \nSynopsis: Updated kernel resolves security vulnerability \nAdvisory ID: RHSA-2003:417-01 \nIssue date: 2004-01-05 \nUpdated on: 2004-01-05 \nProduct: Red Hat Linux \nKeywords: \nCross references: \nObsoletes: \nCVE Names: CAN-2003-0984 CAN-2003-0985 \n\\- --------------------------------------------------------------------- \n \n1\\. Topic: \n \nUpdated kernel packages are now available that fix a security \nvulnerability which may allow local users to gain root privileges. \n \n2\\. Relevant releases/architectures: \n \nRed Hat Linux 7.1 - athlon, i386, i586, i686 \nRed Hat Linux 7.2 - athlon, i386, i586, i686 \nRed Hat Linux 7.3 - athlon, i386, i586, i686 \nRed Hat Linux 8.0 - athlon, i386, i586, i686 \nRed Hat Linux 9 - athlon, i386, i586, i686 \n \n3\\. Problem description: \n \nThe Linux kernel handles the basic functions of the operating system. \n \nPaul Starzetz discovered a flaw in bounds checking in mremap() in the Linux \nkernel versions 2.4.23 and previous which may allow a local attacker to \ngain root privileges. No exploit is currently available; however, it is \nbelieved that this issue is exploitable (although not trivially.) The \nCommon Vulnerabilities and Exposures project (cve.mitre.org) has assigned \nthe name CAN-2003-0985 to this issue. \n \nAll users are advised to upgrade to these errata packages, which contain a \nbackported security patch that corrects this issue. \n \nRed Hat would like to thank Paul Starzetz from ISEC for disclosing this \nissue as well as Andrea Arcangeli and Solar Designer for working on the patch. \n \nThese packages also contain a fix for a minor information leak in the real \ntime clock (rtc) routines. The Common Vulnerabilities and Exposures project \n(cve.mitre.org) has assigned the name CAN-2003-0984 to this issue. \n \nWe have provided kernel updates for Red Hat Linux 7.1-8.0 with this \nadvisory as these were prepared by us prior to December 31 2003. Please \nnote that Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have reached their end of \nlife for errata support and no further errata will be issued for those \ndistributions. \n \n4\\. Solution: \n \nBefore applying this update, make sure all previously released errata \nrelevant to your system have been applied. \n \nTo update all RPMs for your particular architecture, run: \n \nrpm -Fvh [filenames] \n \nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those \nRPMs which are currently installed will be updated. Those RPMs which are \nnot installed but included in the list will not be updated. Note that you \ncan also use wildcards (*.rpm) if your current directory *only* contains the \ndesired RPMs. \n \nPlease note that this update is also available via Red Hat Network. Many \npeople find this an easier way to apply updates. To use Red Hat Network, \nlaunch the Red Hat Update Agent with the following command: \n \nup2date \n \nThis will start an interactive process that will result in the appropriate \nRPMs being upgraded on your system. \n \nIf up2date fails to connect to Red Hat Network due to SSL \nCertificate Errors, you need to install a version of the \nup2date client with an updated certificate. The latest version of \nup2date is available from the Red Hat FTP site and may also be \ndownloaded directly from the RHN website: \n \n<https://rhn.redhat.com/help/latest-up2date.pxt> \n \n5\\. Bug IDs fixed (<http://bugzilla.redhat.com/bugzilla> for more info): \n \n90338 - (TUX)password incorrectly parsed + patch to fix the problem \n \n6\\. RPMs required: \n \nRed Hat Linux 7.1: \n \nSRPMS: \n<ftp://updates.redhat.com/7.1/en/os/SRPMS/kernel-2.4.20-28.7.src.rpm> \n \nathlon: \n<ftp://updates.redhat.com/7.1/en/os/athlon/kernel-2.4.20-28.7.athlon.rpm> \n<ftp://updates.redhat.com/7.1/en/os/athlon/kernel-smp-2.4.20-28.7.athlon.rpm> \n \ni386: \n<ftp://updates.redhat.com/7.1/en/os/i386/kernel-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.1/en/os/i386/kernel-source-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.1/en/os/i386/kernel-doc-2.4.20-28.7.i386.rpm>\n\n<ftp://updates.redhat.com/7.1/en/os/i386/kernel-BOOT-2.4.20-28.7.i386.rpm> \n \ni586: \n<ftp://updates.redhat.com/7.1/en/os/i586/kernel-2.4.20-28.7.i586.rpm> \n<ftp://updates.redhat.com/7.1/en/os/i586/kernel-smp-2.4.20-28.7.i586.rpm> \n \ni686: \n<ftp://updates.redhat.com/7.1/en/os/i686/kernel-2.4.20-28.7.i686.rpm> \n<ftp://updates.redhat.com/7.1/en/os/i686/kernel-smp-2.4.20-28.7.i686.rpm> \n<ftp://updates.redhat.com/7.1/en/os/i686/kernel-bigmem-2.4.20-28.7.i686.rpm> \n \nRed Hat Linux 7.2: \n \nSRPMS: \n<ftp://updates.redhat.com/7.2/en/os/SRPMS/kernel-2.4.20-28.7.src.rpm> \n \nathlon: \n<ftp://updates.redhat.com/7.2/en/os/athlon/kernel-2.4.20-28.7.athlon.rpm> \n<ftp://updates.redhat.com/7.2/en/os/athlon/kernel-smp-2.4.20-28.7.athlon.rpm> \n \ni386: \n<ftp://updates.redhat.com/7.2/en/os/i386/kernel-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.2/en/os/i386/kernel-source-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.2/en/os/i386/kernel-doc-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.2/en/os/i386/kernel-BOOT-2.4.20-28.7.i386.rpm> \n \ni586: \n<ftp://updates.redhat.com/7.2/en/os/i586/kernel-2.4.20-28.7.i586.rpm> \n<ftp://updates.redhat.com/7.2/en/os/i586/kernel-smp-2.4.20-28.7.i586.rpm> \n \ni686: \n<ftp://updates.redhat.com/7.2/en/os/i686/kernel-2.4.20-28.7.i686.rpm> \n<ftp://updates.redhat.com/7.2/en/os/i686/kernel-smp-2.4.20-28.7.i686.rpm> \n<ftp://updates.redhat.com/7.2/en/os/i686/kernel-bigmem-2.4.20-28.7.i686.rpm> \n \nRed Hat Linux 7.3: \n \nSRPMS: \n<ftp://updates.redhat.com/7.3/en/os/SRPMS/kernel-2.4.20-28.7.src.rpm> \n \nathlon: \n<ftp://updates.redhat.com/7.3/en/os/athlon/kernel-2.4.20-28.7.athlon.rpm> \n<ftp://updates.redhat.com/7.3/en/os/athlon/kernel-smp-2.4.20-28.7.athlon.rpm> \n \ni386: \n<ftp://updates.redhat.com/7.3/en/os/i386/kernel-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.3/en/os/i386/kernel-source-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.3/en/os/i386/kernel-doc-2.4.20-28.7.i386.rpm> \n<ftp://updates.redhat.com/7.3/en/os/i386/kernel-BOOT-2.4.20-28.7.i386.rpm> \n \ni586: \n<ftp://updates.redhat.com/7.3/en/os/i586/kernel-2.4.20-28.7.i586.rpm> \n<ftp://updates.redhat.com/7.3/en/os/i586/kernel-smp-2.4.20-28.7.i586.rpm> \n \ni686: \n<ftp://updates.redhat.com/7.3/en/os/i686/kernel-2.4.20-28.7.i686.rpm> \n<ftp://updates.redhat.com/7.3/en/os/i686/kernel-smp-2.4.20-28.7.i686.rpm> \n<ftp://updates.redhat.com/7.3/en/os/i686/kernel-bigmem-2.4.20-28.7.i686.rpm> \n \nRed Hat Linux 8.0: \n \nSRPMS: \n<ftp://updates.redhat.com/8.0/en/os/SRPMS/kernel-2.4.20-28.8.src.rpm> \n \nathlon: \n<ftp://updates.redhat.com/8.0/en/os/athlon/kernel-2.4.20-28.8.athlon.rpm> \n<ftp://updates.redhat.com/8.0/en/os/athlon/kernel-smp-2.4.20-28.8.athlon.rpm> \n \ni386: \n<ftp://updates.redhat.com/8.0/en/os/i386/kernel-2.4.20-28.8.i386.rpm> \n<ftp://updates.redhat.com/8.0/en/os/i386/kernel-source-2.4.20-28.8.i386.rpm> \n<ftp://updates.redhat.com/8.0/en/os/i386/kernel-doc-2.4.20-28.8.i386.rpm> \n<ftp://updates.redhat.com/8.0/en/os/i386/kernel-BOOT-2.4.20-28.8.i386.rpm> \n \ni586: \n<ftp://updates.redhat.com/8.0/en/os/i586/kernel-2.4.20-28.8.i586.rpm> \n<ftp://updates.redhat.com/8.0/en/os/i586/kernel-smp-2.4.20-28.8.i586.rpm> \n \ni686: \n<ftp://updates.redhat.com/8.0/en/os/i686/kernel-2.4.20-28.8.i686.rpm> \n<ftp://updates.redhat.com/8.0/en/os/i686/kernel-smp-2.4.20-28.8.i686.rpm> \n<ftp://updates.redhat.com/8.0/en/os/i686/kernel-bigmem-2.4.20-28.8.i686.rpm> \n \nRed Hat Linux 9: \n \nSRPMS: \n<ftp://updates.redhat.com/9/en/os/SRPMS/kernel-2.4.20-28.9.src.rpm> \n \nathlon: \n<ftp://updates.redhat.com/9/en/os/athlon/kernel-2.4.20-28.9.athlon.rpm> \n<ftp://updates.redhat.com/9/en/os/athlon/kernel-smp-2.4.20-28.9.athlon.rpm> \n \ni386: \n<ftp://updates.redhat.com/9/en/os/i386/kernel-2.4.20-28.9.i386.rpm> \n<ftp://updates.redhat.com/9/en/os/i386/kernel-source-2.4.20-28.9.i386.rpm> \n<ftp://updates.redhat.com/9/en/os/i386/kernel-doc-2.4.20-28.9.i386.rpm> \n<ftp://updates.redhat.com/9/en/os/i386/kernel-BOOT-2.4.20-28.9.i386.rpm> \n \ni586: \n<ftp://updates.redhat.com/9/en/os/i586/kernel-2.4.20-28.9.i586.rpm> \n<ftp://updates.redhat.com/9/en/os/i586/kernel-smp-2.4.20-28.9.i586.rpm> \n \ni686: \n<ftp://updates.redhat.com/9/en/os/i686/kernel-2.4.20-28.9.i686.rpm> \n<ftp://updates.redhat.com/9/en/os/i686/kernel-smp-2.4.20-28.9.i686.rpm> \n<ftp://updates.redhat.com/9/en/os/i686/kernel-bigmem-2.4.20-28.9.i686.rpm> \n \n \n \n7\\. Verification: \n \nMD5 sum Package Name \n\\- -------------------------------------------------------------------------- \n6f37a0c884be50f702665dd418e7d8a5 7.1/en/os/SRPMS/kernel-2.4.20-28.7.src.rpm \n85dabb948243fcd96fed1946217b3259 7.1/en/os/athlon/kernel-2.4.20-28.7.athlon.rpm \nba80fcbe3237ece886506446413d6330 7.1/en/os/athlon/kernel-smp-2.4.20-28.7.athlon.rpm \na4b2cd2ad6acb98c045a0644add55ef8 7.1/en/os/i386/kernel-2.4.20-28.7.i386.rpm \n46cbf5df2050e923343be59c26eb5714 7.1/en/os/i386/kernel-BOOT-2.4.20-28.7.i386.rpm \n9e64a9b15edc09d4a0f75513445f4021 7.1/en/os/i386/kernel-doc-2.4.20-28.7.i386.rpm \ndbc9c6aa900467f4182306545d3bed81 7.1/en/os/i386/kernel-source-2.4.20-28.7.i386.rpm \n46325c861ee83b2f679b9f8563f2e441 7.1/en/os/i586/kernel-2.4.20-28.7.i586.rpm \n51ede5686dc0997c76a14d523e057e67 7.1/en/os/i586/kernel-smp-2.4.20-28.7.i586.rpm \nab86ca21757966e2f49d58438b26253a 7.1/en/os/i686/kernel-2.4.20-28.7.i686.rpm \n78229375349f57c62f0f1837770cc3f0 7.1/en/os/i686/kernel-bigmem-2.4.20-28.7.i686.rpm \n4321ad444747e8e3ebf6e7576b08d6db 7.1/en/os/i686/kernel-smp-2.4.20-28.7.i686.rpm \n6f37a0c884be50f702665dd418e7d8a5 7.2/en/os/SRPMS/kernel-2.4.20-28.7.src.rpm \n85dabb948243fcd96fed1946217b3259 7.2/en/os/athlon/kernel-2.4.20-28.7.athlon.rpm \nba80fcbe3237ece886506446413d6330 7.2/en/os/athlon/kernel-smp-2.4.20-28.7.athlon.rpm \na4b2cd2ad6acb98c045a0644add55ef8 7.2/en/os/i386/kernel-2.4.20-28.7.i386.rpm \n46cbf5df2050e923343be59c26eb5714 7.2/en/os/i386/kernel-BOOT-2.4.20-28.7.i386.rpm \n9e64a9b15edc09d4a0f75513445f4021 7.2/en/os/i386/kernel-doc-2.4.20-28.7.i386.rpm \ndbc9c6aa900467f4182306545d3bed81 7.2/en/os/i386/kernel-source-2.4.20-28.7.i386.rpm \n46325c861ee83b2f679b9f8563f2e441 7.2/en/os/i586/kernel-2.4.20-28.7.i586.rpm \n51ede5686dc0997c76a14d523e057e67 7.2/en/os/i586/kernel-smp-2.4.20-28.7.i586.rpm \nab86ca21757966e2f49d58438b26253a 7.2/en/os/i686/kernel-2.4.20-28.7.i686.rpm \n78229375349f57c62f0f1837770cc3f0 7.2/en/os/i686/kernel-bigmem-2.4.20-28.7.i686.rpm \n4321ad444747e8e3ebf6e7576b08d6db 7.2/en/os/i686/kernel-smp-2.4.20-28.7.i686.rpm \n6f37a0c884be50f702665dd418e7d8a5 7.3/en/os/SRPMS/kernel-2.4.20-28.7.src.rpm \n85dabb948243fcd96fed1946217b3259 7.3/en/os/athlon/kernel-2.4.20-28.7.athlon.rpm \nba80fcbe3237ece886506446413d6330 7.3/en/os/athlon/kernel-smp-2.4.20-28.7.athlon.rpm \na4b2cd2ad6acb98c045a0644add55ef8 7.3/en/os/i386/kernel-2.4.20-28.7.i386.rpm \n46cbf5df2050e923343be59c26eb5714 7.3/en/os/i386/kernel-BOOT-2.4.20-28.7.i386.rpm \n9e64a9b15edc09d4a0f75513445f4021 7.3/en/os/i386/kernel-doc-2.4.20-28.7.i386.rpm \ndbc9c6aa900467f4182306545d3bed81 7.3/en/os/i386/kernel-source-2.4.20-28.7.i386.rpm \n46325c861ee83b2f679b9f8563f2e441 7.3/en/os/i586/kernel-2.4.20-28.7.i586.rpm \n51ede5686dc0997c76a14d523e057e67 7.3/en/os/i586/kernel-smp-2.4.20-28.7.i586.rpm \nab86ca21757966e2f49d58438b26253a 7.3/en/os/i686/kernel-2.4.20-28.7.i686.rpm \n78229375349f57c62f0f1837770cc3f0 7.3/en/os/i686/kernel-bigmem-2.4.20-28.7.i686.rpm \n4321ad444747e8e3ebf6e7576b08d6db 7.3/en/os/i686/kernel-smp-2.4.20-28.7.i686.rpm \n7ff4997770e18fd8dfa94dde6ccd9f05 8.0/en/os/SRPMS/kernel-2.4.20-28.8.src.rpm \n69096d7bf580f241c2774a75d19a4f6b 8.0/en/os/athlon/kernel-2.4.20-28.8.athlon.rpm \n07cc69196376c7cbcad2c4a93aff0be0 8.0/en/os/athlon/kernel-smp-2.4.20-28.8.athlon.rpm \na97ba9aea863b5b49f26259f105e8d8f 8.0/en/os/i386/kernel-2.4.20-28.8.i386.rpm \nab4eac1f8c255a9d70808469e46e918c 8.0/en/os/i386/kernel-BOOT-2.4.20-28.8.i386.rpm \n210eb290286bb696f94e9ebe5399d67e 8.0/en/os/i386/kernel-doc-2.4.20-28.8.i386.rpm \n312b7e646dc4825617d3a9b485957c67 8.0/en/os/i386/kernel-source-2.4.20-28.8.i386.rpm \n90ddcdf7660107c2e297bd2531b4a544 8.0/en/os/i586/kernel-2.4.20-28.8.i586.rpm \n25692d7064ab7bc55a17c53ee24e9d3d 8.0/en/os/i586/kernel-smp-2.4.20-28.8.i586.rpm \n91ca2b2685cf6c5e0b8d1b9043865bea 8.0/en/os/i686/kernel-2.4.20-28.8.i686.rpm \n3fecc24946697e5dd0428df38cbb2198 8.0/en/os/i686/kernel-bigmem-2.4.20-28.8.i686.rpm \n40d954506e1b0ad60c7f150d76872ec5 8.0/en/os/i686/kernel-smp-2.4.20-28.8.i686.rpm \n5eb1ef7c29f3bd5e3afb9c41d5f688e5 9/en/os/SRPMS/kernel-2.4.20-28.9.src.rpm \n954a8afbe2216769a4aaa5b0b597612f 9/en/os/athlon/kernel-2.4.20-28.9.athlon.rpm \n198dfae0a67d9aa91f367e90e1a264c7 9/en/os/athlon/kernel-smp-2.4.20-28.9.athlon.rpm \na398b7f0a741ab95ab0b66929c48dc95 9/en/os/i386/kernel-2.4.20-28.9.i386.rpm \ne394c681c64e22a94ed22dd8a510aad0 9/en/os/i386/kernel-BOOT-2.4.20-28.9.i386.rpm \n8355d266e3c354e97099add60ea25331 9/en/os/i386/kernel-doc-2.4.20-28.9.i386.rpm \n12ad6c3ad16ddee2ad6c3ba579005a9d 9/en/os/i386/kernel-source-2.4.20-28.9.i386.rpm \n0047dac37b4f888e53b5b304524b795d 9/en/os/i586/kernel-2.4.20-28.9.i586.rpm \n08a3391dcb7f5532310ce234d2570bd0 9/en/os/i586/kernel-smp-2.4.20-28.9.i586.rpm \n6cdbe7002a6834dc1aa27cc5f47ba5a7 9/en/os/i686/kernel-2.4.20-28.9.i686.rpm \n3788274eba272ef23704bec4cb19e4af 9/en/os/i686/kernel-bigmem-2.4.20-28.9.i686.rpm \nd9fe2e46b08f596e19a49ae724d2db5a 9/en/os/i686/kernel-smp-2.4.20-28.9.i686.rpm \n \n \nThese packages are GPG signed by Red Hat for security. Our key is \navailable from <https://www.redhat.com/security/keys.html> \n \nYou can verify each package with the following command: \n \nrpm --checksig -v <filename> \n \nIf you only wish to verify that each package has not been corrupted or \ntampered with, examine only the md5sum with the following command: \n \nmd5sum <filename> \n \n \n8\\. References: \n \n<http://www.securityfocus.com/bid/9154/discussion/> \n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0984> \n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985> \n \n9\\. Contact: \n \nThe Red Hat security contact is <secalert@redhat.com>. More contact \ndetails at <https://www.redhat.com/solutions/security/news/contact.html> \n \nCopyright 2003 Red Hat, Inc. \n\\-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.0.7 (GNU/Linux) \n \niD8DBQE/+V6NXlSAg2UNWIIRAmTUAJ4umvzPTN6Fa6RxQnjpiv3tUvhTtwCgkNnu \n8haiGz6VTVazKRDmIKAa7Yo= \n=2MIc \n\\-----END PGP SIGNATURE-----\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ SGI\n\nNotified: January 22, 2004 Updated: March 16, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSGI has published two advisories to address this vulnerability. For more information, please see:\n\n \n<ftp://patches.sgi.com/support/free/security/advisories/20040102-01-U.asc> \n<ftp://patches.sgi.com/support/free/security/advisories/20040204-01-U.asc>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Slackware\n\nNotified: January 06, 2004 Updated: March 16, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSlackware has published several advisories to address this vulnerability. For further information, please see:\n\n \n[http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2004&m=slackware-security.757729](<http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2004&m=slackware-security.757729>) \n[http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2004&m=slackware-security.458438](<http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2004&m=slackware-security.458438>) \n[http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2004&m=slackware-security.541911](<http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2004&m=slackware-security.541911>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ SuSE Inc.\n\nNotified: January 05, 2004 Updated: August 19, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nSuSE has published Security Announcements [_SuSE-SA:2004:001_](<http://www.suse.de/de/security/2004_01_linux_kernel.html>) and [_SuSE-SA:2004:003_](<http://www.suse.de/de/security/2004_03_linux_kernel.html>) to address this vulnerability.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ __ Trustix Secure Linux\n\nNotified: January 05, 2004 Updated: March 09, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n- -------------------------------------------------------------------------- \nTrustix Secure Linux Security Advisory #2004-0001 \n \nPackage name: kernel \nSummary: mremap fix \nDate: 2004-01-05 \nAffected versions: TSL 2.0 \n \n- -------------------------------------------------------------------------- \nPackage description: \nThe kernel package contains the Linux kernel (vmlinuz), the core of your \nTrustix Secure Linux operating system. The kernel handles the basic \nfunctions of the operating system: memory allocation, process allocation, \ndevice input and output, etc. \n \n \nProblem description: \nThe kernel packages prior to this update suffers from a bug in the mremap \nfunction. This issue is fixed in this update. We have also fixed some minor \nbugs in the structure of the packages. \n \n \nAction: \nWe recommend that all systems with this package installed be upgraded. \n \n \nLocation: \nAll TSL updates are available from \n<URI:<http://http.trustix.org/pub/trustix/updates/>> \n<URI:<ftp://ftp.trustix.org/pub/trustix/updates/>> \n \n \nAbout Trustix Secure Linux: \nTrustix Secure Linux is a small Linux distribution for servers. With focus \non security and stability, the system is painlessly kept safe and up to \ndate from day one using swup, the automated software updater. \n \n \nAutomatic updates: \nUsers of the SWUP tool can enjoy having updates automatically \ninstalled using 'swup --upgrade'. \n \n \nPublic testing: \nMost updates for Trustix are made available for public testing some time \nbefore release. \nIf you want to contribute by testing the various packages in the \ntesting tree, please feel free to share your findings on the \ntsl-discuss mailinglist. \nThe testing tree is located at \n<URI:<http://tsldev.trustix.org/cloud/>> \n \nYou may also use swup for public testing of updates: \n \nsite { \nclass = 0 \nlocation = \"<http://tsldev.trustix.org/cloud/rdfs/latest.rdf>\" \nregexp = \".*\" \n} \n \n \nQuestions? \nCheck out our mailing lists: \n<URI:<http://www.trustix.org/support/>> \n \n \nVerification: \nThis advisory along with all TSL packages are signed with the TSL sign key. \nThis key is available from: \n<URI:<http://www.trustix.org/TSL-SIGN-KEY>> \n \nThe advisory itself is available from the errata pages at \n<URI:<http://www.trustix.org/errata/trustix-2.0/>> \nor directly at \n<URI:<http://www.trustix.org/errata/misc/2004/TSL-2004-0001-kernel.asc.txt>> \n \n \nMD5sums of the packages: \n- -------------------------------------------------------------------------- \n21778052346a0cf581056c4d4fdd9fed ./srpms/kernel-2.4.23-3tr.src.rpm \nd4c33e78d6d445419c0375cf847d01f0 ./rpms/kernel-utils-2.4.23-3tr.i586.rpm \n48ff81d9a03a77e4f875c5a7260e8001 ./rpms/kernel-source-2.4.23-3tr.i586.rpm \nffdccc0e67d07cd8f0af89e7bc6c6f27 ./rpms/kernel-smp-2.4.23-3tr.i586.rpm \n38566364225adfc7c007d42f50d8cdc3 ./rpms/kernel-firewallsmp-2.4.23-3tr.i586.rpm \n8c04b18da1337768187b72aa624bc196 ./rpms/kernel-firewall-2.4.23-3tr.i586.rpm \nd73cb52aa25892d9eab03090f5ec6cd2 ./rpms/kernel-doc-2.4.23-3tr.i586.rpm \n7206d43149f8fa1b23d31dfa18387e08 ./rpms/kernel-BOOT-2.4.23-3tr.i586.rpm \n97cbc7221af8904515eb728eeae34eeb ./rpms/kernel-2.4.23-3tr.i586.rpm \n- -------------------------------------------------------------------------- \n \n \nTSL Security Team \n \n-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.2.2 (GNU/Linux) \n \niD8DBQE/+YW+i8CEzsK9IksRAtIMAKCinbMfyABrMoRmG5Sm32k5+80IUQCgrKtR \nNYvos8discldMQgmL5iQIis= \n=SDI8 \n-----END PGP SIGNATURE-----`\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ __ TurboLinux\n\nNotified: January 06, 2004 Updated: March 09, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \nThis is an announcement only email list for the x86 architecture. \n============================================================ \nTurbolinux Security Announcement 06/Jan/2004 \n============================================================ \n \nThe following page contains the security information of Turbolinux Inc. \n \n- Turbolinux Security Center \n<http://www.turbolinux.com/security/> \n \n(1) kernel -> kernel mremap vulnerability \n \n \n=========================================================== \n* kernel -> kernel mremap vulnerability \n=========================================================== \n \nMore information : \nThe kernel package contains the Linux kernel (vmlinuz), the core of your Linux operating system. \nThe kernel handles the basic functions of the operating system. \nThe Linux memory management subsystem (mremap) isssue have been discovered in Kernel2.4. \n \nImpact : \nThe local users may be able to gain root privileges. \n \nAffected Products : \n- Turbolinux 8 Server \n- Turbolinux 8 Workstation \n- Turbolinux 7 Server \n- Turbolinux 7 Workstation \n \nSolution : \nPlease use turbopkg(zabom) tool to apply the update. \n--------------------------------------------- \n# turbopkg \nor \n# zabom update kernel kernel-BOOT kernel-doc kernel-headers kernel-pcmcia-cs kernel-smp kernel-smp64G kernel-source \n--------------------------------------------- \n \n \n<Turbolinux 8 Server> \n \nSource Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/kernel-2.4.18-16.src.rpm> \n41913762 bb068af1293917a5830bc39939c7ed60 \n \nBinary Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-2.4.18-16.i586.rpm> \n14072693 1e2dfa0a3a6f90daaa15d48a34082c31 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm> \n7100767 f2ab93bca6266a0484828d697af11d79 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm> \n1457894 ab50b07561aefd7ad8953ed599867163 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm> \n1815780 77d5fa6d227e8124bc9746f0f3e8da76 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm> \n329042 d2672266844a19e9b8aeb290d817e4e3 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm> \n14551108 9c0260f2032f0a9411b48030e37ecc6e \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm> \n14540333 e4bc5e66c81abf489645ebbd593ba558 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/kernel-source-2.4.18-16.i586.rpm> \n26537903 6d29fd4d02d927970fc18e4f9b4bde3d \n \n<Turbolinux 8 Workstation> \n \nSource Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/kernel-2.4.18-16.src.rpm> \n41913762 bb068af1293917a5830bc39939c7ed60 \n \nBinary Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-2.4.18-16.i586.rpm> \n14072693 1e2dfa0a3a6f90daaa15d48a34082c31 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm> \n7100767 f2ab93bca6266a0484828d697af11d79 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm> \n1457894 ab50b07561aefd7ad8953ed599867163 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm> \n1815780 77d5fa6d227e8124bc9746f0f3e8da76 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm> \n329042 d2672266844a19e9b8aeb290d817e4e3 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm> \n14551108 9c0260f2032f0a9411b48030e37ecc6e \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm> \n14540333 e4bc5e66c81abf489645ebbd593ba558 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/kernel-source-2.4.18-16.i586.rpm> \n26537903 6d29fd4d02d927970fc18e4f9b4bde3d \n \n<Turbolinux 7 Server> \n \nSource Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/kernel-2.4.18-16.src.rpm> \n41913762 bb068af1293917a5830bc39939c7ed60 \n \nBinary Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-2.4.18-16.i586.rpm> \n14072693 1e2dfa0a3a6f90daaa15d48a34082c31 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm> \n7100767 f2ab93bca6266a0484828d697af11d79 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm> \n1457894 ab50b07561aefd7ad8953ed599867163 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm> \n1815780 77d5fa6d227e8124bc9746f0f3e8da76 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm> \n329042 d2672266844a19e9b8aeb290d817e4e3 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm> \n14551108 9c0260f2032f0a9411b48030e37ecc6e \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm> \n14540333 e4bc5e66c81abf489645ebbd593ba558 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/kernel-source-2.4.18-16.i586.rpm> \n26537903 6d29fd4d02d927970fc18e4f9b4bde3d \n \n<Turbolinux 7 Workstation> \n \nSource Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/kernel-2.4.18-16.src.rpm> \n41913762 bb068af1293917a5830bc39939c7ed60 \n \nBinary Packages \nSize : MD5 \n \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-2.4.18-16.i586.rpm> \n14072693 1e2dfa0a3a6f90daaa15d48a34082c31 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-BOOT-2.4.18-16.i586.rpm> \n7100767 f2ab93bca6266a0484828d697af11d79 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-doc-2.4.18-16.i586.rpm> \n1457894 ab50b07561aefd7ad8953ed599867163 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-headers-2.4.18-16.i586.rpm> \n1815780 77d5fa6d227e8124bc9746f0f3e8da76 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-pcmcia-cs-2.4.18-16.i586.rpm> \n329042 d2672266844a19e9b8aeb290d817e4e3 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp-2.4.18-16.i586.rpm> \n14551108 9c0260f2032f0a9411b48030e37ecc6e \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-smp64G-2.4.18-16.i586.rpm> \n14540333 e4bc5e66c81abf489645ebbd593ba558 \n<ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/kernel-source-2.4.18-16.i586.rpm> \n26537903 6d29fd4d02d927970fc18e4f9b4bde3d \n \n \nReferences : \n \nCVE \n[CAN-2003-0985] \n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985> \n \n \n* You may need to update the turbopkg tool before applying the update. \nPlease refer to the following URL for detailed information. \n \n<http://www.turbolinux.com/download/zabom.html> \n<http://www.turbolinux.com/download/zabomupdate.html> \n \nPackage Update Path \n<http://www.turbolinux.com/update> \n \n============================================================ \n* To obtain the public key \n \nHere is the public key \n \n<http://www.turbolinux.com/security/> \n \n* To unsubscribe from the list \n \nIf you ever want to remove yourself from this mailing list, \nyou can send a message to <server-users-e-ctl@turbolinux.co.jp> with \nthe word `unsubscribe' in the body (don't include the quotes). \n \nunsubscribe \n \n* To change your email address \n \nIf you ever want to chage email address in this mailing list, \nyou can send a message to <server-users-e-ctl@turbolinux.co.jp> with \nthe following command in the message body: \n \nchaddr 'old address' 'new address' \n \nIf you have any questions or problems, please contact`\n\n`<supp_info@turbolinux.co.jp> \n \nThank you! \n \n-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.2.3 (GNU/Linux) \n \niD8DBQE/+jHsK0LzjOqIJMwRAmKgAJ9lsDB19QPplRaX2f9bjekaMPkCtACeNgfi \n9CSZg6sN3tPlfNhFr4q+PAk= \n=uB9b \n-----END PGP SIGNATURE-----`\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ VMware\n\nNotified: January 28, 2004 Updated: March 16, 2004 \n\n### Status\n\n__ Vulnerable\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nVMware has published multiple advisories to address this vulnerability. For more information, see:\n\n \n<http://www.vmware.com/download/esx/esx201-6991update.html> \n<http://www.vmware.com/download/esx/esx20-6992update.html> \n<http://www.vmware.com/download/esx/esx152-6994update.html>\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Hewlett-Packard Company\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ IBM eServer\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Ingrian Networks\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ MontaVista Software\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Novell\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Openwall GNU/*/Linux\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Sequent\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Sun Microsystems Inc.\n\nUpdated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\n### __ Wirex\n\nNotified: March 16, 2004 Updated: August 19, 2004 \n\n### Status\n\n__ Unknown\n\n### Vendor Statement\n\nNo statement is currently available from the vendor regarding this vulnerability.\n\n### Vendor Information\n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThe CERT/CC has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23490620 Feedback>).\n\nView all 20 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | N/A | N/A \nTemporal | N/A | N/A \nEnvironmental | | N/A \n \n \n\n\n### References \n\n * <http://www.kernel.org/>\n * <http://isec.pl/vulnerabilities/isec-0013-mremap.txt>\n * <http://xforce.iss.net/xforce/xfdb/14135>\n * <http://www.ciac.org/ciac/bulletins/o-045.shtml>\n * <http://www.secunia.com/advisories/10582/>\n * <http://www.secunia.com/advisories/10585/>\n * <http://www.secunia.com/advisories/10584/>\n * <http://www.secunia.com/advisories/10583/>\n\n### Acknowledgements\n\nThis vulnerability was discovered by Paul Starzetz.\n\nThis document was written by Jeffrey P. Lanza.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2003-0985](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0985>) \n---|--- \n**Severity Metric:****** | 13.54 \n**Date Public:** | 2004-01-05 \n**Date First Published:** | 2004-03-09 \n**Date Last Updated: ** | 2004-08-19 23:33 UTC \n**Document Revision: ** | 23 \n", "modified": "2004-08-19T23:33:00", "published": "2004-03-09T00:00:00", "id": "VU:490620", "href": "https://www.kb.cert.org/vuls/id/490620", "type": "cert", "title": "Linux kernel do_mremap() call creates virtual memory area of 0 bytes in length", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}