DATABASE RESOURCES PRICING ABOUT US

{"id": "VERACODE:23861", "vendorId": null, "type": "veracode", "bulletinFamily": "software", "title": "Privilege Escalation", "description": "kernel-rt is vulnerable to privilege escalation. The vulnerability exists as a deficiency was found in the Linux kernel signals implementation. The kill_something_info() function did not check if a process was outside the caller's namespace before sending the kill signal, making it possible to kill processes in all process ID (PID) namespaces, breaking PID namespace isolation.\n", "published": "2020-04-10T00:38:20", "modified": "2022-04-19T18:26:01", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 4.6}, "severity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}, "cvss3": {}, "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23861/summary", "reporter": "Veracode Vulnerability Database", "references": ["http://www.securityfocus.com/archive/1/503610/100/0/threaded", "http://secunia.com/advisories/34981", "http://secunia.com/advisories/35120", "http://secunia.com/advisories/35121", "http://secunia.com/advisories/35343", "http://secunia.com/advisories/35656", "http://www.redhat.com/security/updates/classification/#important", "https://access.redhat.com/errata/RHSA-2009:1081", "http://www.debian.org/security/2009/dsa-1787", "http://www.debian.org/security/2009/dsa-1800", "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d25141a818383b3c3b09f065698c544a7a0ec6e7", "https://bugzilla.redhat.com/show_bug.cgi?id=496031", "http://wiki.rpath.com/Advisories:rPSA-2009-0084", "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.28", "https://exchange.xforce.ibmcloud.com/vulnerabilities/50386", "http://lkml.org/lkml/2008/7/23/148", "http://www.openwall.com/lists/oss-security/2009/04/16/2", "http://www.openwall.com/lists/oss-security/2009/04/17/4", "http://www.openwall.com/lists/oss-security/2009/04/21/1", "http://www.redhat.com/support/errata/RHSA-2009-1081.html", "http://www.ubuntu.com/usn/usn-793-1"], "cvelist": ["CVE-2009-1338"], "immutableFields": [], "lastseen": "2022-07-27T10:33:56", "viewCount": 4, "enchantments": {"score": {"value": 3.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1338"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1787-1:1654D", "DEBIAN:DSA-1800-1:C8938"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-1787.NASL", "DEBIAN_DSA-1800.NASL", "UBUNTU_USN-793-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063939", "OPENVAS:136141256231064034", "OPENVAS:136141256231064068", "OPENVAS:63939", "OPENVAS:64034", "OPENVAS:64068", "OPENVAS:64175"]}, {"type": "osv", "idList": ["OSV:DSA-1787-1", "OSV:DSA-1800-1"]}, {"type": "redhat", "idList": ["RHSA-2009:1081"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21767", "SECURITYVULNS:VULN:9889"]}, {"type": "ubuntu", "idList": ["USN-793-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-1338"]}]}, "epss": [{"cve": "CVE-2009-1338", "epss": "0.000440000", "percentile": "0.081850000", "modified": "2023-03-19"}], "vulnersScore": 3.4}, "_state": {"dependencies": 1659986029, "score": 1684014897, "affected_software_major_version": 1666695388, "epss": 1679301741}, "_internal": {"score_hash": "a2918b331a1581b6e56aedf9167306d2"}, "affectedSoftware": [{"version": "2.6.24.7__111.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__81.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__101.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__108.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__93.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__74.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__111.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__81.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__101.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__108.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__93.el5rt", "operator": "eq", "name": "kernel-rt"}, {"version": "2.6.24.7__74.el5rt", "operator": "eq", "name": "kernel-rt"}]}

{"cve": [{"lastseen": "2023-05-26T14:02:09", "description": "The kill_something_info function in kernel/signal.c in the Linux kernel before 2.6.28 does not consider PID namespaces when processing signals directed to PID -1, which allows local users to bypass the intended namespace isolation, and send arbitrary signals to all processes in all namespaces, via a kill command.", "cvss3": {}, "published": "2009-04-22T15:30:00", "type": "cve", "title": "CVE-2009-1338", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1338"], "modified": "2018-10-10T19:36:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.27.11", "cpe:/o:linux:linux_kernel:2.6.25.6", "cpe:/o:linux:linux_kernel:2.6.20.18", "cpe:/o:linux:linux_kernel:2.6.21.6", "cpe:/o:linux:linux_kernel:2.6.27.3", "cpe:/o:linux:linux_kernel:2.6.22.14", "cpe:/o:linux:linux_kernel:2.6.27.21", "cpe:/o:linux:linux_kernel:2.6.22.20", "cpe:/o:linux:linux_kernel:2.6.23.13", "cpe:/o:linux:linux_kernel:2.6.27.19", "cpe:/o:linux:linux_kernel:2.6.20.17", "cpe:/o:linux:linux_kernel:2.6.19.5", "cpe:/o:linux:linux_kernel:2.6.27.2", "cpe:/o:linux:linux_kernel:2.6.25.13", "cpe:/o:linux:linux_kernel:2.6.27.4", "cpe:/o:linux:linux_kernel:2.6.22.9", "cpe:/o:linux:linux_kernel:2.6.22_rc1", "cpe:/o:linux:linux_kernel:2.6.25.12", "cpe:/o:linux:linux_kernel:2.6.25.11", "cpe:/o:linux:linux_kernel:2.6.25.4", "cpe:/o:linux:linux_kernel:2.6.27", "cpe:/o:linux:linux_kernel:2.6.22.10", "cpe:/o:linux:linux_kernel:2.6.24.3", "cpe:/o:linux:linux_kernel:2.6.25.2", "cpe:/o:linux:linux_kernel:2.4.36.1", "cpe:/o:linux:linux_kernel:2.6.27.7", "cpe:/o:linux:linux_kernel:2.6.26.4", "cpe:/o:linux:linux_kernel:2.6.20.19", "cpe:/o:linux:linux_kernel:2.6.25.8", "cpe:/o:linux:linux_kernel:2.6.22.21", "cpe:/o:linux:linux_kernel:2.6.23", "cpe:/o:linux:linux_kernel:2.6.25.17", "cpe:/o:linux:linux_kernel:2.6.25.10", "cpe:/o:linux:linux_kernel:2.6.27.12", "cpe:/o:linux:linux_kernel:2.6.25.7", "cpe:/o:linux:linux_kernel:2.6.27.18", "cpe:/o:linux:linux_kernel:2.6.24.2", "cpe:/o:linux:linux_kernel:2.6.27.16", "cpe:/o:linux:linux_kernel:2.6.23.10", "cpe:/o:linux:linux_kernel:2.6.24.6", "cpe:/o:linux:linux_kernel:2.6.22.17", "cpe:/o:linux:linux_kernel:2.6.25.5", "cpe:/o:linux:linux_kernel:2.6.24.4", "cpe:/o:linux:linux_kernel:2.6.23.16", "cpe:/o:linux:linux_kernel:2.6.25.16", "cpe:/o:linux:linux_kernel:2.6.23.8", "cpe:/o:linux:linux_kernel:2.6.19.4", "cpe:/o:linux:linux_kernel:2.6.21.7", "cpe:/o:linux:linux_kernel:2.6.25.3", "cpe:/o:linux:linux_kernel:2.6.22.22", "cpe:/o:linux:linux_kernel:2.6.22.13", "cpe:/o:linux:linux_kernel:2.6.27.1", "cpe:/o:linux:linux_kernel:2.6.25", "cpe:/o:linux:linux_kernel:2.6.22.18", "cpe:/o:linux:linux_kernel:2.4.36", "cpe:/o:linux:linux_kernel:2.6.19.6", "cpe:/o:linux:linux_kernel:2.6.20.20", "cpe:/o:linux:linux_kernel:2.6.24_rc1", "cpe:/o:linux:linux_kernel:2.6.27.15", "cpe:/o:linux:linux_kernel:2.6", "cpe:/o:linux:linux_kernel:2.6.27.6", "cpe:/o:linux:linux_kernel:2.6.24.7", "cpe:/o:linux:linux_kernel:2.6.19.7", "cpe:/o:linux:linux_kernel:2.6.25.15", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.4.36.4", "cpe:/o:linux:linux_kernel:2.6.26.1", "cpe:/o:linux:linux_kernel:2.6.27.10", "cpe:/o:linux:linux_kernel:2.6.22.11", "cpe:/o:linux:linux_kernel:2.6.20.21", "cpe:/o:linux:linux_kernel:2.6.27.8", "cpe:/o:linux:linux_kernel:2.6.23.12", "cpe:/o:linux:linux_kernel:2.6.24.1", "cpe:/o:linux:linux_kernel:2.2.27", "cpe:/o:linux:linux_kernel:2.4.36.5", "cpe:/o:linux:linux_kernel:2.6.22.2", "cpe:/o:linux:linux_kernel:2.6.24_rc4", "cpe:/o:linux:linux_kernel:2.6.26", "cpe:/o:linux:linux_kernel:2.6.20.16", "cpe:/o:linux:linux_kernel:2.6.27.9", "cpe:/o:linux:linux_kernel:2.4.36.6", "cpe:/o:linux:linux_kernel:2.6.22.19", "cpe:/o:linux:linux_kernel:2.6.22_rc7", "cpe:/o:linux:linux_kernel:2.6.26.2", "cpe:/o:linux:linux_kernel:2.6.23.15", "cpe:/o:linux:linux_kernel:2.6.24_rc5", "cpe:/o:linux:linux_kernel:2.4.36.2", "cpe:/o:linux:linux_kernel:2.6.23.11", "cpe:/o:linux:linux_kernel:2.6.25.1", "cpe:/o:linux:linux_kernel:2.6.25.14", "cpe:/o:linux:linux_kernel:2.6.26.5", "cpe:/o:linux:linux_kernel:2.6.25.9", "cpe:/o:linux:linux_kernel:2.6.27.5", "cpe:/o:linux:linux_kernel:2.6.23.9", "cpe:/o:linux:linux_kernel:2.6.24.5", "cpe:/o:linux:linux_kernel:2.6.26.3", "cpe:/o:linux:linux_kernel:2.6.22.12", "cpe:/o:linux:linux_kernel:2.6.22.8", "cpe:/o:linux:linux_kernel:2.6.22.1", "cpe:/o:linux:linux_kernel:2.6.27.14", "cpe:/o:linux:linux_kernel:2.6.24", "cpe:/o:linux:linux_kernel:2.6.22", "cpe:/o:linux:linux_kernel:2.6.21.5", "cpe:/o:linux:linux_kernel:2.6.27.13", "cpe:/o:linux:linux_kernel:2.6.23_rc1", "cpe:/o:linux:linux_kernel:2.6.27.17", "cpe:/o:linux:linux_kernel:2.6.22.15", "cpe:/o:linux:linux_kernel:2.4.36.3", "cpe:/o:linux:linux_kernel:2.6.27.20", "cpe:/o:linux:linux_kernel:2.6.23.17"], "id": "CVE-2009-1338", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1338", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24_rc4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.36.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.36.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22_rc1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24_rc1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.36.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.36.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.36.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.36.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24_rc5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23_rc1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.4.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:x86_64:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22_rc7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-05-26T14:53:37", "description": "The kill_something_info function in kernel/signal.c in the Linux kernel\nbefore 2.6.28 does not consider PID namespaces when processing signals\ndirected to PID -1, which allows local users to bypass the intended\nnamespace isolation, and send arbitrary signals to all processes in all\nnamespaces, via a kill command.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[smb](<https://launchpad.net/~smb>) | Dapper has no pid_namespace.\n", "cvss3": {}, "published": "2009-04-22T00:00:00", "type": "ubuntucve", "title": "CVE-2009-1338", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1338"], "modified": "2009-04-22T00:00:00", "id": "UB:CVE-2009-1338", "href": "https://ubuntu.com/security/CVE-2009-1338", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2018-04-06T11:39:05", "description": "The remote host is missing updates to kernel-rt announced in\nadvisory RHSA-2009:1081.\n\nThese updated packages fix the following security issues:\n\n* a buffer overflow flaw was found in the CIFSTCon() function of the Linux\nkernel Common Internet File System (CIFS) implementation. When mounting a\nCIFS share, a malicious server could send an overly-long string to the\nclient, possibly leading to a denial of service or privilege escalation on\nthe client mounting the CIFS share. (CVE-2009-1439, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* a deficiency was found in the Linux kernel signals implementation. The\nkill_something_info() function did not check if a process was outside the\ncaller's namespace before sending the kill signal, making it possible to\nkill processes in all process ID (PID) namespaces, breaking PID namespace\nisolation. (CVE-2009-1338, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nAll Red Hat Enterprise MRG users should upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. Note: The system\nmust be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1081", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064068", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064068", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1081.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1081 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to kernel-rt announced in\nadvisory RHSA-2009:1081.\n\nThese updated packages fix the following security issues:\n\n* a buffer overflow flaw was found in the CIFSTCon() function of the Linux\nkernel Common Internet File System (CIFS) implementation. When mounting a\nCIFS share, a malicious server could send an overly-long string to the\nclient, possibly leading to a denial of service or privilege escalation on\nthe client mounting the CIFS share. (CVE-2009-1439, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* a deficiency was found in the Linux kernel signals implementation. The\nkill_something_info() function did not check if a process was outside the\ncaller's namespace before sending the kill signal, making it possible to\nkill processes in all process ID (PID) namespaces, breaking PID namespace\nisolation. (CVE-2009-1338, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nAll Red Hat Enterprise MRG users should upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. Note: The system\nmust be rebooted for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64068\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1081\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1081.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:56:17", "description": "The remote host is missing updates to kernel-rt announced in\nadvisory RHSA-2009:1081.\n\nThese updated packages fix the following security issues:\n\n* a buffer overflow flaw was found in the CIFSTCon() function of the Linux\nkernel Common Internet File System (CIFS) implementation. When mounting a\nCIFS share, a malicious server could send an overly-long string to the\nclient, possibly leading to a denial of service or privilege escalation on\nthe client mounting the CIFS share. (CVE-2009-1439, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* a deficiency was found in the Linux kernel signals implementation. The\nkill_something_info() function did not check if a process was outside the\ncaller's namespace before sending the kill signal, making it possible to\nkill processes in all process ID (PID) namespaces, breaking PID namespace\nisolation. (CVE-2009-1338, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nAll Red Hat Enterprise MRG users should upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. Note: The system\nmust be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1081", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:64068", "href": "http://plugins.openvas.org/nasl.php?oid=64068", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1081.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1081 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to kernel-rt announced in\nadvisory RHSA-2009:1081.\n\nThese updated packages fix the following security issues:\n\n* a buffer overflow flaw was found in the CIFSTCon() function of the Linux\nkernel Common Internet File System (CIFS) implementation. When mounting a\nCIFS share, a malicious server could send an overly-long string to the\nclient, possibly leading to a denial of service or privilege escalation on\nthe client mounting the CIFS share. (CVE-2009-1439, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* a deficiency was found in the Linux kernel signals implementation. The\nkill_something_info() function did not check if a process was outside the\ncaller's namespace before sending the kill signal, making it possible to\nkill processes in all process ID (PID) namespaces, breaking PID namespace\nisolation. (CVE-2009-1338, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nAll Red Hat Enterprise MRG users should upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. Note: The system\nmust be rebooted for this update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(64068);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1192\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1081\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1081.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kernel-rt\", rpm:\"kernel-rt~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug\", rpm:\"kernel-rt-debug~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-debuginfo\", rpm:\"kernel-rt-debug-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debug-devel\", rpm:\"kernel-rt-debug-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo\", rpm:\"kernel-rt-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-debuginfo-common\", rpm:\"kernel-rt-debuginfo-common~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-devel\", rpm:\"kernel-rt-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace\", rpm:\"kernel-rt-trace~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-debuginfo\", rpm:\"kernel-rt-trace-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-trace-devel\", rpm:\"kernel-rt-trace-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla\", rpm:\"kernel-rt-vanilla~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-debuginfo\", rpm:\"kernel-rt-vanilla-debuginfo~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-vanilla-devel\", rpm:\"kernel-rt-vanilla-devel~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-rt-doc\", rpm:\"kernel-rt-doc~2.6.24.7~117.el5rt\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:24", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1800-1.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1800-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1046", "CVE-2009-0859", "CVE-2009-1184", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-1072", "CVE-2009-0835", "CVE-2009-1192", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-1439"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064034", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064034", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1800_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1800-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a sensitive\nmemory leak. For details, please visit the referenced security\nadvisories.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-15lenny2.\n\nFor the oldstable distribution (etch), these problems, where applicable,\nwill be fixed in future updates to linux-2.6 and linux-2.6.24.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1800-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201800-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64034\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1800-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"user-mode-linux\", ver:\"2.6.26-1um-2+15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r4k-ip22\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mips\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-ip32\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r4k-ip22\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-ip32\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:05", "description": "The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1800-1.", "cvss3": {}, "published": "2009-05-25T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1800-1 (linux-2.6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1046", "CVE-2009-0859", "CVE-2009-1184", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-1072", "CVE-2009-0835", "CVE-2009-1192", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-1439"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64034", "href": "http://plugins.openvas.org/nasl.php?oid=64034", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1800_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1800-1 (linux-2.6)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a sensitive\nmemory leak. For details, please visit the referenced security\nadvisories.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-15lenny2.\n\nFor the oldstable distribution (etch), these problems, where applicable,\nwill be fixed in future updates to linux-2.6 and linux-2.6.24.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6\nannounced via advisory DSA 1800-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201800-1\";\n\n\nif(description)\n{\n script_id(64034);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Debian Security Advisory DSA 1800-1 (linux-2.6)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"user-mode-linux\", ver:\"2.6.26-1um-2+15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r4k-ip22\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mips\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-ip32\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r4k-ip22\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-ip32\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:08", "description": "The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1787-1.", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1787-1 (linux-2.6.24)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5702", "CVE-2009-1046", "CVE-2008-5395", "CVE-2008-5700", "CVE-2009-0859", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0745", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:63939", "href": "http://plugins.openvas.org/nasl.php?oid=63939", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1787_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1787-1 (linux-2.6.24)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. For details,\nplease visit the referenced security advisories.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.8etch1.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1787-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201787-1\";\n\n\nif(description)\n{\n script_id(63939);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 16:00:35 +0200 (Tue, 05 May 2009)\");\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5079\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1787-1 (linux-2.6.24)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.24-etchnhalf.1\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-common\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-footbridge\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-iop32x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-s390\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-s390x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sparc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:21", "description": "The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1787-1.", "cvss3": {}, "published": "2009-05-05T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 1787-1 (linux-2.6.24)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5702", "CVE-2009-1046", "CVE-2008-5395", "CVE-2008-5700", "CVE-2009-0859", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0745", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063939", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063939", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1787_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1787-1 (linux-2.6.24)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. For details,\nplease visit the referenced security advisories.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.8etch1.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\";\ntag_summary = \"The remote host is missing an update to linux-2.6.24\nannounced via advisory DSA 1787-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201787-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63939\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-05 16:00:35 +0200 (Tue, 05 May 2009)\");\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5079\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1787-1 (linux-2.6.24)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.24-etchnhalf.1\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.24\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-common\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-amd64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-footbridge\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-iop32x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-486\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-686\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-itanium\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-mckinley\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-s390\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-s390x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-s390x\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sparc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", ver:\"2.6.24-6~etchnhalf.8etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:30:12", "description": "The remote host is missing an update to kvm\nannounced via advisory USN-776-2.", "cvss3": {}, "published": "2009-06-05T00:00:00", "type": "openvas", "title": "Ubuntu USN-776-2 (kvm)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1151", "CVE-2009-1150", "CVE-2009-1010", "CVE-2009-1161", "CVE-2009-1046", "CVE-2007-2807", "CVE-2009-0721", "CVE-2009-0343", "CVE-2009-0157", "CVE-2009-0342", "CVE-2009-0859", "CVE-2009-1415", "CVE-2009-1579", "CVE-2009-0922", "CVE-2009-1184", "CVE-2009-0028", "CVE-2009-1416", "CVE-2008-1945", "CVE-2008-5077", "CVE-2009-1242", "CVE-2008-2004", "CVE-2009-0688", "CVE-2009-1632", "CVE-2008-5814", "CVE-2009-1072", "CVE-2009-0835", "CVE-2009-1011", "CVE-2009-0945", "CVE-2009-0159", "CVE-2009-1192", "CVE-2009-1418", "CVE-2009-1338", "CVE-2009-0154", "CVE-2009-1337", "CVE-2009-1580", "CVE-2009-0269", "CVE-2009-1581", "CVE-2009-1574", "CVE-2009-1417", "CVE-2008-5714", "CVE-2009-1527", "CVE-2009-0834", "CVE-2009-1265", "CVE-2008-2382", "CVE-2009-1439", "CVE-2009-1578", "CVE-2009-1130", "CVE-2009-1009", "CVE-2009-0714", "CVE-2008-1517", "CVE-2009-1252", "CVE-2008-4539"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64175", "href": "http://plugins.openvas.org/nasl.php?oid=64175", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_776_2.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_776_2.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-776-2 (kvm)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n kvm 1:62+dfsg-0ubuntu8.2\n\nAfter a standard system upgrade you need to restart all KVM VMs to effect\nthe necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-776-2\";\n\ntag_insight = \"USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a\nregression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to\nboot virtual machines started via libvirt. This update fixes the problem.\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\n Avi Kivity discovered that KVM did not correctly handle certain disk\n formats. A local attacker could attach a malicious partition that would\n allow the guest VM to read files on the VM host. (CVE-2008-1945,\n CVE-2008-2004)\n\n Alfredo Ortega discovered that KVM's VNC protocol handler did not\n correctly validate certain messages. A remote attacker could send\n specially crafted VNC messages that would cause KVM to consume CPU\n resources, leading to a denial of service. (CVE-2008-2382)\n\n Jan Niehusmann discovered that KVM's Cirrus VGA implementation over VNC\n did not correctly handle certain bitblt operations. A local attacker could\n exploit this flaw to potentially execute arbitrary code on the VM host or\n crash KVM, leading to a denial of service. (CVE-2008-4539)\n\n It was discovered that KVM's VNC password checks did not use the correct\n length. A remote attacker could exploit this flaw to cause KVM to crash,\n leading to a denial of service. (CVE-2008-5714)\";\ntag_summary = \"The remote host is missing an update to kvm\nannounced via advisory USN-776-2.\";\n\n \n\n\nif(description)\n{\n script_id(64175);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2008-1945\", \"CVE-2008-2004\", \"CVE-2008-2382\", \"CVE-2008-4539\", \"CVE-2008-5714\", \"CVE-2009-1130\", \"CVE-2009-1574\", \"CVE-2009-0714\", \"CVE-2008-1517\", \"CVE-2007-2807\", \"CVE-2009-0159\", \"CVE-2009-1252\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\", \"CVE-2009-1581\", \"CVE-2009-1418\", \"CVE-2009-0028\", \"CVE-2009-0269\", \"CVE-2009-0342\", \"CVE-2009-0343\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-1184\", \"CVE-2009-1415\", \"CVE-2009-1416\", \"CVE-2009-1417\", \"CVE-2009-0154\", \"CVE-2009-1150\", \"CVE-2009-1151\", \"CVE-2009-0922\", \"CVE-2009-1632\", \"CVE-2009-0945\", \"CVE-2009-0688\", \"CVE-2009-1527\", \"CVE-2009-1338\", \"CVE-2009-1242\", \"CVE-2009-1192\", \"CVE-2009-1439\", \"CVE-2009-1337\", \"CVE-2009-0157\", \"CVE-2008-5077\", \"CVE-2008-5814\", \"CVE-2009-0721\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1072\", \"CVE-2009-1265\", \"CVE-2009-1011\", \"CVE-2009-1010\", \"CVE-2009-1009\", \"CVE-2009-1161\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-776-2 (kvm)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-776-2/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kvm-source\", ver:\"62+dfsg-0ubuntu8.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kvm\", ver:\"62+dfsg-0ubuntu8.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-refclock\", ver:\"4.2.2.p4+dfsg-2etch3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-doc\", ver:\"4.2.4p4+dfsg-3ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-simple\", ver:\"4.2.2.p4+dfsg-2etch3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntpdate\", ver:\"4.2.4p4+dfsg-3ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp\", ver:\"4.2.4p4+dfsg-3ubuntu2.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.15-4+lenny1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-2.6.26-2\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-tree-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-patch-debian-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-2.6.26\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-legacy\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-legacy\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-generic\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-alpha-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-alpha\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-alpha-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-xen\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-openvz\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-common-vserver\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-amd64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"user-mode-linux\", ver:\"2.6.26-1um-2+15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-orion5x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-ixp4xx\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-footbridge\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-orion5x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-footbridge\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-ixp4xx\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-iop32x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-arm\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-iop32x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-versatile\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-armel\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-versatile\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-hppa\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-parisc-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-parisc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-openvz-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-486\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686-bigmem\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-openvz-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-modules-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-xen-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-i386\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-686\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-486\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-mckinley\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-itanium\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-ia64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-itanium\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-itanium\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-itanium\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-5kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1-bcm91250a\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-4kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r4k-ip22\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mips\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-ip32\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-5kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r4k-ip22\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-ip32\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-4kc-malta\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-mipsel\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-r5k-cobalt\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-powerpc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-powerpc-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-s390x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-s390\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-s390-tape\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-s390x\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-s390\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-all-sparc\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-vserver-sparc64\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-2.6.26-2-sparc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-2.6.26-2-sparc64-smp\", ver:\"2.6.26-15lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nsd\", ver:\"2.3.7-1.1+lenny1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nsd3\", ver:\"3.0.7-3.lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"racoon\", ver:\"0.7.1-1.3+lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ipsec-tools\", ver:\"0.7.1-1.3+lenny2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-doc\", ver:\"4.2.0a+stable-8.1ubuntu6.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-server\", ver:\"4.2.0a+stable-8.1ubuntu6.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-simple\", ver:\"4.2.0a+stable-8.1ubuntu6.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp\", ver:\"4.2.0a+stable-8.1ubuntu6.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntpdate\", ver:\"4.2.0a+stable-8.1ubuntu6.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-refclock\", ver:\"4.2.0a+stable-8.1ubuntu6.2\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-doc\", ver:\"4.2.4p4+dfsg-6ubuntu2.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp\", ver:\"4.2.4p4+dfsg-6ubuntu2.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntpdate\", ver:\"4.2.4p4+dfsg-6ubuntu2.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp-doc\", ver:\"4.2.4p4+dfsg-7ubuntu5.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntp\", ver:\"4.2.4p4+dfsg-7ubuntu5.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ntpdate\", ver:\"4.2.4p4+dfsg-7ubuntu5.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2021-10-19T20:38:06", "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a buffer overflow flaw was found in the CIFSTCon() function of the Linux\nkernel Common Internet File System (CIFS) implementation. When mounting a\nCIFS share, a malicious server could send an overly-long string to the\nclient, possibly leading to a denial of service or privilege escalation on\nthe client mounting the CIFS share. (CVE-2009-1439, Important)\n\n* the Linux kernel Network File System daemon (nfsd) implementation did not\ndrop the CAP_MKNOD capability when handling requests from local,\nunprivileged users. This flaw could possibly lead to an information leak or\nprivilege escalation. (CVE-2009-1072, Moderate)\n\n* a deficiency was found in the Linux kernel signals implementation. The\nkill_something_info() function did not check if a process was outside the\ncaller's namespace before sending the kill signal, making it possible to\nkill processes in all process ID (PID) namespaces, breaking PID namespace\nisolation. (CVE-2009-1338, Moderate)\n\n* a flaw was found in the AGPGART driver. The agp_generic_alloc_page() and\nagp_generic_alloc_pages() functions did not zero out the memory pages they\nallocate, which may later be available to user-space processes. This flaw\ncould possibly lead to an information leak. (CVE-2009-1192, Low)\n\nThese updated packages also fix the following bugs:\n\n* the \"-fwrapv\" flag was added to the gcc build options to prevent gcc from\noptimizing away wrapping arithmetic, as optimizing away wrapping may lead\nto unexpected results. (BZ#491264)\n\n* the bnx2x driver may have failed when highly-stressed by network\nstress-tests, resulting in network access being unavailable. This driver\nhas been updated to resolve this issue. (BZ#495472)\n\n* the file system mask, which lists capabilities for users with a file\nsystem user ID (fsuid) of 0, was missing the CAP_MKNOD and\nCAP_LINUX_IMMUTABLE capabilities. This could, potentially, allow users with\nan fsuid other than 0 to perform actions on some file system types that\nwould otherwise be prevented. This update adds these capabilities.\n(BZ#497047)\n\n* \"/proc/[pid]/maps\" and \"/proc/[pid]/smaps\" can only be read by processes\nable to use the ptrace() call on a given process; however, certain\ninformation from \"/proc/[pid]/stat\" and \"/proc/[pid]/wchan\" could be used\nto reconstruct memory maps, making it possible to bypass the Address Space\nLayout Randomization (ASLR) security feature. This update addresses this\nissue. (BZ#499550)\n\n* the get_random_int() function returned the same number until the jiffies\ncounter (which ticks at a clock interrupt frequency) or process ID (PID)\nchanged, making it possible to predict the random numbers. This may have\nhelped to bypass the ASLR security feature. With this update,\nget_random_int() is more random and no longer uses a common seed value.\nThis reduces the possibility of predicting the values get_random_int()\nreturns. (BZ#499787)\n\nAll Red Hat Enterprise MRG users should upgrade to these updated packages,\nwhich contain backported patches to resolve these issues. Note: The system\nmust be rebooted for this update to take effect.", "cvss3": {}, "published": "2009-06-03T00:00:00", "type": "redhat", "title": "(RHSA-2009:1081) Important: kernel-rt security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1072", "CVE-2009-1192", "CVE-2009-1338", "CVE-2009-1439", "CVE-2009-3238"], "modified": "2019-03-22T19:44:33", "id": "RHSA-2009:1081", "href": "https://access.redhat.com/errata/RHSA-2009:1081", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:32", "description": "Multiple DoS conditions, peivilege escalations, information leaks and memory corruptions.", "cvss3": {}, "published": "2009-05-04T00:00:00", "type": "securityvulns", "title": "Linux kernel multiple security vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2009-1046", "CVE-2009-0859", "CVE-2009-1242", "CVE-2009-1192", "CVE-2009-0745", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-1439"], "modified": "2009-05-04T00:00:00", "id": "SECURITYVULNS:VULN:9889", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9889", "sourceData": "", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:30", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-1787-1 security@debian.org\r\nhttp://www.debian.org/security/ Dann Frazier\r\nMay 2, 2009 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6.24\r\nVulnerability : denial of service/privilege escalation/information leak\r\nProblem type : local/remote\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2008-4307 CVE-2008-5079 CVE-2008-5395 CVE-2008-5700\r\n CVE-2008-5701 CVE-2008-5702 CVE-2009-0028 CVE-2009-0029\r\n CVE-2009-0031 CVE-2009-0065 CVE-2009-0269 CVE-2009-0322\r\n CVE-2009-0675 CVE-2009-0676 CVE-2009-0745 CVE-2009-0834\r\n CVE-2009-0859 CVE-2009-1046 CVE-2009-1192 CVE-2009-1242\r\n CVE-2009-1265 CVE-2009-1337 CVE-2009-1338 CVE-2009-1439\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that\r\nmay lead to a denial of service or privilege escalation. The Common\r\nVulnerabilities and Exposures project identifies the following\r\nproblems:\r\n\r\nCVE-2008-4307\r\n\r\n Bryn M. Reeves reported a denial of service in the NFS filesystem.\r\n Local users can trigger a kernel BUG&#40;&#41; due to a race condition in\r\n the do_setlk function.\r\n\r\nCVE-2008-5079\r\n\r\n Hugo Dias reported a DoS condition in the ATM subsystem that can\r\n be triggered by a local user by calling the svc_listen function\r\n twice on the same socket and reading /proc/net/atm/*vc.\r\n\r\nCVE-2008-5395\r\n\r\n Helge Deller discovered a denial of service condition that allows\r\n local users on PA-RISC systems to crash a system by attempting to\r\n unwind a stack contiaining userspace addresses.\r\n\r\nCVE-2008-5700\r\n\r\n Alan Cox discovered a lack of minimum timeouts on SG_IO requests,\r\n which allows local users of systems using ATA to cause a denial of\r\n service by forcing drives into PIO mode.\r\n \r\nCVE-2008-5701\r\n\r\n Vlad Malov reported an issue on 64-bit MIPS systems where a local\r\n user could cause a system crash by crafing a malicious binary\r\n which makes o32 syscalls with a number less than 4000.\r\n\r\nCVE-2008-5702\r\n\r\n Zvonimir Rakamaric reported an off-by-one error in the ib700wdt\r\n watchdog driver which allows local users to cause a buffer\r\n underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl\r\n call.\r\n\r\nCVE-2009-0028\r\n\r\n Chris Evans discovered a situation in which a child process can\r\n send an arbitrary signal to its parent.\r\n\r\nCVE-2009-0029\r\n\r\n Christian Borntraeger discovered an issue effecting the alpha,\r\n mips, powerpc, s390 and sparc64 architectures that allows local\r\n users to cause a denial of service or potentially gain elevated\r\n privileges.\r\n\r\nCVE-2009-0031\r\n\r\n Vegard Nossum discovered a memory leak in the keyctl subsystem\r\n that allows local users to cause a denial of service by consuming\r\n all of kernel memory.\r\n\r\nCVE-2009-0065\r\n\r\n Wei Yongjun discovered a memory overflow in the SCTP\r\n implementation that can be triggered by remote users, permitting\r\n remote code execution.\r\n \r\nCVE-2009-0269\r\n\r\n Duane Griffin provided a fix for an issue in the eCryptfs\r\n subsystem which allows local users to cause a denial of service\r\n &#40;fault or memory corruption&#41;.\r\n\r\nCVE-2009-0322\r\n\r\n Pavel Roskin provided a fix for an issue in the dell_rbu driver\r\n that allows a local user to cause a denial of service &#40;oops&#41; by\r\n reading 0 byts from a sysfs entry.\r\n\r\nCVE-2009-0675\r\n\r\n Roel Kluin discovered inverted logic in the skfddi driver that\r\n permits local, unprivileged users to reset the driver statistics.\r\n\r\nCVE-2009-0676\r\n\r\n Clement LECIGNE discovered a bug in the sock_getsockopt function\r\n that may result in leaking sensitive kernel memory.\r\n\r\nCVE-2009-0745\r\n\r\n Peter Kerwien discovered an issue in the ext4 filesystem that\r\n allows local users to cause a denial of service &#40;kernel oops&#41;\r\n during a resize operation.\r\n\r\nCVE-2009-0834\r\n\r\n Roland McGrath discovered an issue on amd64 kernels that allows\r\n local users to circumvent system call audit configurations which\r\n filter based on the syscall numbers or argument details.\r\n\r\nCVE-2009-0859\r\n\r\n Jiri Olsa discovered that a local user can cause a denial of\r\n service &#40;system hang&#41; using a SHM_INFO shmctl call on kernels\r\n compiled with CONFIG_SHMEM disabled. This issue does not affect\r\n prebuilt Debian kernels.\r\n\r\nCVE-2009-1046\r\n\r\n Mikulas Patocka reported an issue in the console subsystem that\r\n allows a local user to cause memory corruption by selecting a\r\n small number of 3-byte UTF-8 characters.\r\n\r\nCVE-2009-1192\r\n\r\n Shaohua Li reported an issue in the AGP subsystem they may allow\r\n local users to read sensitive kernel memory due to a leak of\r\n uninitialized memory.\r\n\r\nCVE-2009-1242\r\n\r\n Benjamin Gilbert reported a local denial of service vulnerability\r\n in the KVM VMX implementation that allows local users to trigger\r\n an oops.\r\n\r\nCVE-2009-1265\r\n\r\n Thomas Pollet reported an overflow in the af_rose implementation\r\n that allows remote attackers to retrieve uninitialized kernel\r\n memory that may contain sensitive data.\r\n\r\nCVE-2009-1337\r\n\r\n Oleg Nesterov discovered an issue in the exit_notify function that\r\n allows local users to send an arbitrary signal to a process by\r\n running a program that modifies the exit_signal field and then\r\n uses an exec system call to launch a setuid application.\r\n\r\nCVE-2009-1338\r\n\r\n Daniel Hokka Zakrisson discovered that a kill&#40;-1&#41; is permitted to\r\n reach processes outside of the current process namespace.\r\n \r\nCVE-2009-1439\r\n\r\n Pavan Naregundi reported an issue in the CIFS filesystem code that\r\n allows remote users to overwrite memory via a long\r\n nativeFileSystem field in a Tree Connect response during mount.\r\n\r\nFor the stable distribution &#40;etch&#41;, these problems have been fixed in\r\nversion 2.6.24-6~etchnhalf.8etch1.\r\n\r\nWe recommend that you upgrade your linux-2.6.24 packages.\r\n\r\nNote: Debian &#39;etch&#39; includes linux kernel packages based upon both the\r\n2.6.18 and 2.6.24 linux releases. All known security issues are\r\ncarefully tracked against both packages and both packages will receive\r\nsecurity updates until security support for Debian &#39;etch&#39;\r\nconcludes. However, given the high frequency at which low-severity\r\nsecurity issues are discovered in the kernel and the resource\r\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\r\nupdates will typically release in a staggered or &quot;leap-frog&quot; fashion.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\nDebian GNU/Linux 4.0 alias etch\r\n- -------------------------------\r\n\r\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.diff.gz\r\n Size/MD5 checksum: 4033829 ff5f9342fbd061dcab316080057bf9ac\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.dsc\r\n Size/MD5 checksum: 5117 c71acfa6a187429a702d368e5974d082\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz\r\n Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 82422 f39c24b3acf13eee80ab07421e120bc7\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 4260850 8b0891fa602714572b2ea8be13d4b2eb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 96802 317936645be453126afab54705999059\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 1542086 460bc638a040b2674f4da6e30fc975f1\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 46865722 b3afc19906294f1990ab97e6c8943285\r\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\r\n Size/MD5 checksum: 917482 dc533207197184a44dcc931372534b0b\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 82038 12269f5ccc3251bed6544c82ace6bab8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 26736698 8714134f74ad24d4a761d9e1b18c84dc\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 332080 2632341b6c0d98b6798103d4e03a4980\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 26757530 c00a3280cf8bc9d18e52c64202af9e34\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 27341904 ee355aab70b9061c511e7152929c150a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 331054 7d30fb320e409180de47bdf7be8430c2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 3454072 01417e58c71bb9515a4011c390be0580\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 82010 cff77bfb7491d357acc7d9d50dc0217e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb\r\n Size/MD5 checksum: 330926 1b2c38a3628e25cc62b7e555800d48e5\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 19480638 9f9f06adb37a611ed3f24000859beb03\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 3654580 aac989a8eee05d7adaf9731dfdda062f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 344960 4a6f4ac493086ec243734b3b6968a2bd\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 82010 f7713fceebf11933dd20c7db1c636df0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_amd64.deb\r\n Size/MD5 checksum: 81998 7f2d31a9d80ae34c397d90912dbbb46f\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 308926 05539199c8e837c4fccc75172a9c82be\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 82136 39e67aa9c8617379a54c9f36d0d72572\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 3939598 804e621a444954f2045f27a9282ae77a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 306808 3086d994c254c2481c6610729c6ee182\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 296510 23d73ccad75398f169ad602db513b908\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 9351566 c0326566806f5c7ed8de2342f4de857a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 10775966 6661bd851503d953c4ca43b6f8e85deb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 10768304 daca396e0f5decdfe92a7724069daa50\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.8etch1_arm.deb\r\n Size/MD5 checksum: 82166 8bb034ce3157aeefe7c3c692ebe14df4\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 261644 7c1852bbe840ac3d90c12d452e2681cf\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 82016 293d2bba2cb8563e700377ada35f2ba2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 259304 f3db74269efbac5501598e35a462bf20\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 82038 bdae604446c924296cd1aac5b9be7e95\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 13332816 5d9819ffa069392df46ad94e193cbdf1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 258452 c1a9dde9f1c92b4563126d1937d4eec2\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 14385162 6cbd8dc0702e5cb15237d246883dd2c0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 258378 4a864d5f74cd4f1e05362aa00e94236a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 14847618 ab5989ffb84c1780ba7a8d06ac501f67\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 3439250 22ebf43e46ee15c1240d6881c2554248\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\r\n Size/MD5 checksum: 13845394 731ba27a151e94071c8f64ceb0da9e92\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 360908 aef486d9faf9aca0e61ea01e16d0cbc8\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19348860 15a2e2dc1fa2b3b423d3010272f7f3f6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 82124 ee99a97dc91f3c2e205bce0b901904c0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 359834 d80f275632e07acaaa02679eee976bb6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 82160 07df09b3f1af03cd0f20d2b0cf2b679a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 347518 a3530c65c732ef54f207a3551c85ec9f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19344944 28d8879c242e0698ee8524d006970445\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 361402 3bad41e46bd717ebe8d15e0473f130eb\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19589084 a8319258d3194cd59fa263a1b66a5626\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 19278254 608362b1503eb3ec838bd01152d7aa93\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_i386.deb\r\n Size/MD5 checksum: 3647296 a6ce4748c3fefd49a40ebbfed1e004f9\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 318210 76ad07637a2fac8a32d827c23f893ffa\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 32025152 eb4eec0df149a61e18ae22ef8c50eb43\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 318482 a155708aa4e74d90e54a4f107221c995\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 3567324 0e1d20a7ecbf444ad6aba30cc169963d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 82000 f66623c2c53891b0d92055fb032d0592\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 32206190 62738a79d48dffcad324124d2b73f3d4\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.8etch1_ia64.deb\r\n Size/MD5 checksum: 82028 6aa864922de84ad84cfff13eb9ce71ee\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 308452 f5d33880c20e98b12a9ad5ef53743910\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 214502 a39b0ecffd3a215979f8e5bcdcd78bfe\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 17166576 38a62721888bbb2f0fc4d7fbdba70c9e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 82062 3aa3ea6a854d046759d5824257e47bf3\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 17151594 603b866be5168c042bbef832eb253c9d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 10522386 725913ed966df3029d3f72332af590fd\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 225228 e8ad107d20c67c798cdb093ae150592c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 246218 69eee0d55e37c414da07e70b90c190a9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 11957416 9d75b25a0668735d4bfb1fac77788723\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 27772372 307325283c10af9dd6dc8cb4f0de39a7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 246310 815dfe8f02f354f03f0d63f8605bedd9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 22150880 d183f2a93f59d18034573fd7febf5e22\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 3803446 4448552a0dd930e3d51a800c1d6deb50\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 82008 871aace093a3411d3d01dfcc19e57a7a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\r\n Size/MD5 checksum: 309908 ebc141db56c3f149eaf265af89054e03\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 3803432 926f0974edf97ded8ef4bd4f99847b35\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 245716 9a62f6221f1b1e36c8b397e5afcb966a\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 82060 401c4c5fb02f54a0deacef21bf630b0e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 26982892 39032aaca4b2a6cecc7091022a42e2b7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 16629962 874a967e72aa10398626267cb2d5ba54\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 21732318 7819062b50720a60a098d086978298ea\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 82012 06886337047db3ad1df77cc919c4cff6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 246190 ec4b8f66e8a0065d694f990745049e7e\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 16566324 d778d8f7f199e49cb087fafaef7eb551\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 13316760 aadc4a462ca185163c902551556c92f6\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 309226 44e7866afb834db0bf71a9d034d729ba\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 308360 e53f7681e10aa6b07d1ea3e3b58622da\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb\r\n Size/MD5 checksum: 245984 a572ee84ea19bb4bb908e6c20a56ca37\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 19194974 99103ae37f6001139ea44dd31f84183f\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 320916 0ba37f3d80f38b92b9097ea7e90fb3e7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 320840 0ab836295bc998d5b54f9d54bb2bd23c\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 19485870 bbee80ba2e47827a9f8ac2360ccf9e68\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 3672412 4ff49fe861ab4f49eec95d425114c349\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 82012 03d29f46bdcab8bab20d237a294fc242\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 295058 7718f3ba536f4af7252961bbbbab24be\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 21169748 db5e60f6e3ba1fcd12a793fd30f75c14\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 17459470 60369530c57a669b6c9bcd441f757417\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 322436 779ccace55f22bdcf1ccd9212033b58d\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\r\n Size/MD5 checksum: 82046 39a3cbedcbc4e13f997b7641394e3ad0\r\n\r\ns390 architecture &#40;IBM S/390&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 1501738 7bf06e1f51092c18b512045444fba8e9\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 193848 6713da5dfd8696c27718075e6cb3fa03\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 82016 1668a7a797859f5d9e0a7af2ba1781b4\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 6950110 9f8a8d765c71aaee7e94402626f413a1\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 82002 0f37b246336adf27ce4d37776257ff95\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 7200396 de8ace94802f259aef088e9384a4ca6b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 194084 ea695f010b1916d50f1bdad2e85dd1f0\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_s390.deb\r\n Size/MD5 checksum: 3429706 8a40f944fa6b7c64353d76154bded277\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 82152 88b0f93df760ac992f30c1927d0144f7\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 3652306 42dda4de967328363df86bee8ba0c53b\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 13022916 93538efd19eae1488128df8a3a73b957\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 263066 c796e2fd4e51ff6a66d9eec594c81386\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 13317632 e50f9515e67c38d66c58f317bf2c9292\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 264930 a1d0ba75ee8eded18b4d97327ebd0291\r\n \r\nhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_sparc.deb\r\n Size/MD5 checksum: 82128 6c1ebe596b196e25cb0307f78ab1f358\r\n\r\n\r\n These changes will probably be included in the oldstable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFJ/JE8huANDBmkLRkRAlzXAJwJvkPuUoKwLYQPFVnF7t2DRIkzjQCgg8zC\r\nw+zXZAH5HPrUZ78bMIHk8Sw=\r\n=KhiR\r\n-----END PGP SIGNATURE-----", "cvss3": {}, "published": "2009-05-04T00:00:00", "type": "securityvulns", "title": "[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities", "bulletinFamily": "software", "hackapp": {}, "cvss2": {}, "cvelist": ["CVE-2008-5702", "CVE-2009-1046", "CVE-2008-5395", "CVE-2008-5700", "CVE-2009-0859", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0745", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2009-05-04T00:00:00", "id": "SECURITYVULNS:DOC:21767", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21767", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osv": [{"lastseen": "2022-08-10T07:07:26", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a sensitive\nmemory leak. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\n\n* [CVE-2009-0028](https://security-tracker.debian.org/tracker/CVE-2009-0028)\nChris Evans discovered a situation in which a child process can\n send an arbitrary signal to its parent.\n* [CVE-2009-0834](https://security-tracker.debian.org/tracker/CVE-2009-0834)\nRoland McGrath discovered an issue on amd64 kernels that allows\n local users to circumvent system call audit configurations which\n filter based on the syscall numbers or argument details.\n* [CVE-2009-0835](https://security-tracker.debian.org/tracker/CVE-2009-0835)\nRoland McGrath discovered an issue on amd64 kernels with\n CONFIG\\_SECCOMP enabled. By making a specially crafted syscall,\n local users can bypass access restrictions.\n* [CVE-2009-0859](https://security-tracker.debian.org/tracker/CVE-2009-0859)\nJiri Olsa discovered that a local user can cause a denial of\n service (system hang) using a SHM\\_INFO shmctl call on kernels\n compiled with CONFIG\\_SHMEM disabled. This issue does not affect\n prebuilt Debian kernels.\n* [CVE-2009-1046](https://security-tracker.debian.org/tracker/CVE-2009-1046)\nMikulas Patocka reported an issue in the console subsystem that\n allows a local user to cause memory corruption by selecting a\n small number of 3-byte UTF-8 characters.\n* [CVE-2009-1072](https://security-tracker.debian.org/tracker/CVE-2009-1072)\nIgor Zhbanov reported that nfsd was not properly dropping\n CAP\\_MKNOD, allowing users to create device nodes on file systems\n exported with root\\_squash.\n* [CVE-2009-1184](https://security-tracker.debian.org/tracker/CVE-2009-1184)\nDan Carpenter reported a coding issue in the selinux subsystem\n that allows local users to bypass certain networking checks when\n running with compat\\_net=1.\n* [CVE-2009-1192](https://security-tracker.debian.org/tracker/CVE-2009-1192)\nShaohua Li reported an issue in the AGP subsystem they may allow\n local users to read sensitive kernel memory due to a leak of\n uninitialized memory.\n* [CVE-2009-1242](https://security-tracker.debian.org/tracker/CVE-2009-1242)\nBenjamin Gilbert reported a local denial of service vulnerability\n in the KVM VMX implementation that allows local users to trigger\n an oops.\n* [CVE-2009-1265](https://security-tracker.debian.org/tracker/CVE-2009-1265)\nThomas Pollet reported an overflow in the af\\_rose implementation\n that allows remote attackers to retrieve uninitialized kernel\n memory that may contain sensitive data.\n* [CVE-2009-1337](https://security-tracker.debian.org/tracker/CVE-2009-1337)\nOleg Nesterov discovered an issue in the exit\\_notify function that\n allows local users to send an arbitrary signal to a process by\n running a program that modifies the exit\\_signal field and then\n uses an exec system call to launch a setuid application.\n* [CVE-2009-1338](https://security-tracker.debian.org/tracker/CVE-2009-1338)\nDaniel Hokka Zakrisson discovered that a kill(-1) is permitted to\n reach processes outside of the current process namespace.\n* [CVE-2009-1439](https://security-tracker.debian.org/tracker/CVE-2009-1439)\nPavan Naregundi reported an issue in the CIFS filesystem code that\n allows remote users to overwrite memory via a long\n nativeFileSystem field in a Tree Connect response during mount.\n\n\nFor the oldstable distribution (etch), these problems, where applicable,\nwill be fixed in future updates to linux-2.6 and linux-2.6.24.\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-15lenny2.\n\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or \"leap-frog\" fashion.\n\n\n", "cvss3": {}, "published": "2009-05-15T00:00:00", "type": "osv", "title": "linux-2.6 user-mode-linux - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1046", "CVE-2009-0859", "CVE-2009-1184", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-1072", "CVE-2009-0835", "CVE-2009-1192", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-1439"], "modified": "2022-08-10T07:07:24", "id": "OSV:DSA-1800-1", "href": "https://osv.dev/vulnerability/DSA-1800-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-21T08:33:16", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\n\n* [CVE-2008-4307](https://security-tracker.debian.org/tracker/CVE-2008-4307)\nBryn M. Reeves reported a denial of service in the NFS filesystem.\n Local users can trigger a kernel BUG() due to a race condition in\n the do\\_setlk function.\n* [CVE-2008-5079](https://security-tracker.debian.org/tracker/CVE-2008-5079)\nHugo Dias reported a DoS condition in the ATM subsystem that can\n be triggered by a local user by calling the svc\\_listen function\n twice on the same socket and reading /proc/net/atm/\\*vc.\n* [CVE-2008-5395](https://security-tracker.debian.org/tracker/CVE-2008-5395)\nHelge Deller discovered a denial of service condition that allows\n local users on PA-RISC systems to crash a system by attempting to\n unwind a stack containing userspace addresses.\n* [CVE-2008-5700](https://security-tracker.debian.org/tracker/CVE-2008-5700)\nAlan Cox discovered a lack of minimum timeouts on SG\\_IO requests,\n which allows local users of systems using ATA to cause a denial of\n service by forcing drives into PIO mode.\n* [CVE-2008-5701](https://security-tracker.debian.org/tracker/CVE-2008-5701)\nVlad Malov reported an issue on 64-bit MIPS systems where a local\n user could cause a system crash by crafing a malicious binary\n which makes o32 syscalls with a number less than 4000.\n* [CVE-2008-5702](https://security-tracker.debian.org/tracker/CVE-2008-5702)\nZvonimir Rakamaric reported an off-by-one error in the ib700wdt\n watchdog driver which allows local users to cause a buffer\n underflow by making a specially crafted WDIOC\\_SETTIMEOUT ioctl\n call.\n* [CVE-2009-0028](https://security-tracker.debian.org/tracker/CVE-2009-0028)\nChris Evans discovered a situation in which a child process can\n send an arbitrary signal to its parent.\n* [CVE-2009-0029](https://security-tracker.debian.org/tracker/CVE-2009-0029)\nChristian Borntraeger discovered an issue effecting the alpha,\n mips, powerpc, s390 and sparc64 architectures that allows local\n users to cause a denial of service or potentially gain elevated\n privileges.\n* [CVE-2009-0031](https://security-tracker.debian.org/tracker/CVE-2009-0031)\nVegard Nossum discovered a memory leak in the keyctl subsystem\n that allows local users to cause a denial of service by consuming\n all of kernel memory.\n* [CVE-2009-0065](https://security-tracker.debian.org/tracker/CVE-2009-0065)\nWei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users, permitting\n remote code execution.\n* [CVE-2009-0269](https://security-tracker.debian.org/tracker/CVE-2009-0269)\nDuane Griffin provided a fix for an issue in the eCryptfs\n subsystem which allows local users to cause a denial of service\n (fault or memory corruption).\n* [CVE-2009-0322](https://security-tracker.debian.org/tracker/CVE-2009-0322)\nPavel Roskin provided a fix for an issue in the dell\\_rbu driver\n that allows a local user to cause a denial of service (oops) by\n reading 0 bytes from a sysfs entry.\n* [CVE-2009-0675](https://security-tracker.debian.org/tracker/CVE-2009-0675)\nRoel Kluin discovered inverted logic in the skfddi driver that\n permits local, unprivileged users to reset the driver statistics.\n* [CVE-2009-0676](https://security-tracker.debian.org/tracker/CVE-2009-0676)\nClement LECIGNE discovered a bug in the sock\\_getsockopt function\n that may result in leaking sensitive kernel memory.\n* [CVE-2009-0745](https://security-tracker.debian.org/tracker/CVE-2009-0745)\nPeter Kerwien discovered an issue in the ext4 filesystem that\n allows local users to cause a denial of service (kernel oops)\n during a resize operation.\n* [CVE-2009-0834](https://security-tracker.debian.org/tracker/CVE-2009-0834)\nRoland McGrath discovered an issue on amd64 kernels that allows\n local users to circumvent system call audit configurations which\n filter based on the syscall numbers or argument details.\n* [CVE-2009-0859](https://security-tracker.debian.org/tracker/CVE-2009-0859)\nJiri Olsa discovered that a local user can cause a denial of\n service (system hang) using a SHM\\_INFO shmctl call on kernels\n compiled with CONFIG\\_SHMEM disabled. This issue does not affect\n prebuilt Debian kernels.\n* [CVE-2009-1046](https://security-tracker.debian.org/tracker/CVE-2009-1046)\nMikulas Patocka reported an issue in the console subsystem that\n allows a local user to cause memory corruption by selecting a\n small number of 3-byte UTF-8 characters.\n* [CVE-2009-1192](https://security-tracker.debian.org/tracker/CVE-2009-1192)\nShaohua Li reported an issue in the AGP subsystem that may allow\n local users to read sensitive kernel memory due to a leak of\n uninitialized memory.\n* [CVE-2009-1242](https://security-tracker.debian.org/tracker/CVE-2009-1242)\nBenjamin Gilbert reported a local denial of service vulnerability\n in the KVM VMX implementation that allows local users to trigger\n an oops.\n* [CVE-2009-1265](https://security-tracker.debian.org/tracker/CVE-2009-1265)\nThomas Pollet reported an overflow in the af\\_rose implementation\n that allows remote attackers to retrieve uninitialized kernel\n memory that may contain sensitive data.\n* [CVE-2009-1337](https://security-tracker.debian.org/tracker/CVE-2009-1337)\nOleg Nesterov discovered an issue in the exit\\_notify function that\n allows local users to send an arbitrary signal to a process by\n running a program that modifies the exit\\_signal field and then\n uses an exec system call to launch a setuid application.\n* [CVE-2009-1338](https://security-tracker.debian.org/tracker/CVE-2009-1338)\nDaniel Hokka Zakrisson discovered that a kill(-1) is permitted to\n reach processes outside of the current process namespace.\n* [CVE-2009-1439](https://security-tracker.debian.org/tracker/CVE-2009-1439)\nPavan Naregundi reported an issue in the CIFS filesystem code that\n allows remote users to overwrite memory via a long\n nativeFileSystem field in a Tree Connect response during mount.\n\n\nFor the oldstable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.8etch1.\n\n\nWe recommend that you upgrade your linux-2.6.24 packages.\n\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch'\nconcludes. However, given the high frequency at which low-severity\nsecurity issues are discovered in the kernel and the resource\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\nupdates will typically release in a staggered or \"leap-frog\" fashion.\n\n\n", "cvss3": {}, "published": "2009-05-02T00:00:00", "type": "osv", "title": "linux-2.6.24 - several vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5702", "CVE-2009-1046", "CVE-2008-5395", "CVE-2008-5700", "CVE-2009-0859", "CVE-2009-0675", "CVE-2008-4307", "CVE-2009-0028", "CVE-2009-1242", "CVE-2009-0322", "CVE-2009-0676", "CVE-2009-1192", "CVE-2008-5079", "CVE-2009-0065", "CVE-2009-0745", "CVE-2009-1338", "CVE-2009-1337", "CVE-2009-0269", "CVE-2009-0834", "CVE-2009-1265", "CVE-2009-0031", "CVE-2009-1439", "CVE-2009-0029", "CVE-2008-5701"], "modified": "2022-07-21T05:46:51", "id": "OSV:DSA-1787-1", "href": "https://osv.dev/vulnerability/DSA-1787-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2023-05-02T17:17:20", "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1800-1 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nMay 15, 2009 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : denial of service/privilege escalation/sensitive memory leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-0028 CVE-2009-0834 CVE-2009-0835 CVE-2009-0859\n CVE-2009-1046 CVE-2009-1072 CVE-2009-1184 CVE-2009-1192\n CVE-2009-1242 CVE-2009-1265 CVE-2009-1337 CVE-2009-1338\n CVE-2009-1439\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a sensitive\nmemory leak. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2009-0028\n\n Chris Evans discovered a situation in which a child process can\n send an arbitrary signal to its parent.\n\nCVE-2009-0834\n\n Roland McGrath discovered an issue on amd64 kernels that allows\n local users to circumvent system call audit configurations which\n filter based on the syscall numbers or argument details.\n\nCVE-2009-0835\n\n Roland McGrath discovered an issue on amd64 kernels with\n CONFIG_SECCOMP enabled. By making a specially crafted syscall,\n local users can bypass access restrictions.\n\nCVE-2009-0859\n\n Jiri Olsa discovered that a local user can cause a denial of\n service (system hang) using a SHM_INFO shmctl call on kernels\n compiled with CONFIG_SHMEM disabled. This issue does not affect\n prebuilt Debian kernels.\n\nCVE-2009-1046\n\n Mikulas Patocka reported an issue in the console subsystem that\n allows a local user to cause memory corruption by selecting a\n small number of 3-byte UTF-8 characters.\n\nCVE-2009-1072\n\n Igor Zhbanov reported that nfsd was not properly dropping\n CAP_MKNOD, allowing users to create device nodes on file systems\n exported with root_squash.\n\nCVE-2009-1184\n\n Dan Carpenter reported a coding issue in the selinux subsystem\n that allows local users to bypass certain networking checks when\n running with compat_net=1.\n \nCVE-2009-1192\n\n Shaohua Li reported an issue in the AGP subsystem they may allow\n local users to read sensitive kernel memory due to a leak of\n uninitialized memory.\n\nCVE-2009-1242\n\n Benjamin Gilbert reported a local denial of service vulnerability\n in the KVM VMX implementation that allows local users to trigger\n an oops.\n\nCVE-2009-1265\n\n Thomas Pollet reported an overflow in the af_rose implementation\n that allows remote attackers to retrieve uninitialized kernel\n memory that may contain sensitive data.\n\nCVE-2009-1337\n\n Oleg Nesterov discovered an issue in the exit_notify function that\n allows local users to send an arbitrary signal to a process by\n running a program that modifies the exit_signal field and then\n uses an exec system call to launch a setuid application.\n\nCVE-2009-1338\n\n Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to\n reach processes outside of the current process namespace.\n \nCVE-2009-1439\n\n Pavan Naregundi reported an issue in the CIFS filesystem code that\n allows remote users to overwrite memory via a long\n nativeFileSystem field in a Tree Connect response during mount.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-15lenny2.\n\nFor the oldstable distribution (etch), these problems, where applicable,\nwill be fixed in future updates to linux-2.6 and linux-2.6.24.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or &quot;leap-frog&quot; fashion.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatability with or to take advantage of this update:\n\n Debian 5.0 (lenny)\n user-mode-linux 2.6.26-1um-2+15lenny2\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-15lenny2.diff.gz\n Size/MD5 checksum: 7329571 1bce8a02959ba560840a7ddf3c85d903\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26.orig.tar.gz\n Size/MD5 checksum: 61818969 85e039c2588d5bf3cb781d1c9218bbcb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-2.6_2.6.26-15lenny2.dsc\n Size/MD5 checksum: 5777 5a7ff16752f5110837e60b4a5c8e9000\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2.dsc\n Size/MD5 checksum: 1272 46e99e7c41b6ab88585e915a38834af2\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2.diff.gz\n Size/MD5 checksum: 13274 692ffd3b2e648159d13941cffe052413\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um.orig.tar.gz\n Size/MD5 checksum: 12566 58cd8b7f3a51b2272c9afc10b81551cc\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-support-2.6.26-2_2.6.26-15lenny2_all.deb\n Size/MD5 checksum: 119468 9ad04974bda322d3bbef07498f30a9d6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-manual-2.6.26_2.6.26-15lenny2_all.deb\n Size/MD5 checksum: 1757514 bb327a7a975d8c99f17dfd155a2a72a2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-tree-2.6.26_2.6.26-15lenny2_all.deb\n Size/MD5 checksum: 104110 bdd9af9837d54a8fb50129861c97dc8f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-source-2.6.26_2.6.26-15lenny2_all.deb\n Size/MD5 checksum: 48700438 49386b86f3c839ac6fcdb18bd8c29c04\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-patch-debian-2.6.26_2.6.26-15lenny2_all.deb\n Size/MD5 checksum: 2261264 29b2eb0593f8a91f2d0ec226d273b9da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-doc-2.6.26_2.6.26-15lenny2_all.deb\n Size/MD5 checksum: 4624712 dd7e6ff69cf56f23c60496ff73f7298b\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 751056 dafcb057c2a435bd9df498619e29e1a7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-legacy_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 369566 f56eadc0219fd2a2747b83ba4ab8eacb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-legacy_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 28444362 7550723b98c8449b38be12f9878d3778\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 3608062 b9ef0cc9e5c6d91626182ae4dd6ba8e8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-generic_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 369154 f93e3de04d17cbe97485014d90f3c28c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-alpha-smp_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 369350 7f2fd6ba761701961161a47a96072689\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 103660 bdc8b2803a3e66f5359f256270d6f5ae\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-alpha_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 103676 ed05e6468ab11308e64166a3ee12e881\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-alpha-smp_2.6.26-15lenny2_alpha.deb\n Size/MD5 checksum: 29151222 870766e5b3f04cf9c035cbeac559938a\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 392188 0654ee97b3c916c94e101a28e62b7758\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 3935410 078ccbf5fd16712f8bf5ff151de046c9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 20918522 69de946d1bfb38db74dd37dc11bb77a2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 392818 ab57bec86e9379a94a35e99751905d8b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 3852298 9ac3894ba6a9c59c5c246b1cb515088f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 388042 76cc4730e19076a63e7a984581599e82\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 103642 96e6f166c99d1345c2532e6128d68b63\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 19288550 8e326e2bf136131abca1a3a60ddab9de\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 397950 666585c1b6514caac9513ee0e960e549\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 761832 88fe1a58c498c24ec8ccbe45ae862715\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 103686 fe41064607e75452828b8d9b7ee43e05\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 3830612 ba30367c79415273f405f7badde67ef7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 20896590 733b6e160bd73635703449966f4014c2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 21074418 7bcb629b5c1ab7edd559cfd1518606eb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 3794626 841fa07f11ebced3f6043398764203c2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 103652 9d14ba4a406d5c2f54377e9ed9385291\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-amd64_2.6.26-15lenny2_amd64.deb\n Size/MD5 checksum: 1799890 3fbde882e04f90712afab46ceb1d2e4f\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2_amd64.deb\n Size/MD5 checksum: 5823978 d57d4ddc15c0c661db45766236aafd1f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 357196 61cf0294a78ae1aa4980eadc186b02bf\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 11714240 6e461c880ce62f76fc2ae450df65ac7f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 4135562 934da0c4113cf93379303d7c426b9ec0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-footbridge_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 345872 51a9ca83773967b4fca791ad7304e8b9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 11407528 01c0704554c7e5783af0bfe243583b2f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-footbridge_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 10229940 7cdafb4746b99daf343615abd065b52c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 360706 c0553218a6dc212e6e262f2c5d4e95e9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 362878 063b38690d57b4bed42f47ae6669a205\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 103570 67283a7c868e3b020ea32df43305e6cb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 743442 f032b462f2ced0b29ef8fad467dc53e3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-arm_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 103614 b834c333d52e174cfafa707c1cf6007f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-15lenny2_arm.deb\n Size/MD5 checksum: 12429986 3e583ab23c35a27a13cb10cc0da581f0\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-ixp4xx_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 362534 553b5d4a96face61b87a8e072f1f9ff8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 4127498 168ff1a45080f3c4cba4a04d1b326b16\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-ixp4xx_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 11682088 d75f73e9f4614bfb13de3c73b5b2ae9a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 744114 76f75b81436e3b3b387e8fd405535dca\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-versatile_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 334058 16bf2ddbe077aef886e30ecd08320792\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-iop32x_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 12394862 3dcf9c71e56fbd49c1ac8088c2271a67\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-orion5x_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 359142 f44a38848367e077d3ab10095695a1f9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-armel_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 103698 b2db17336a565129e4cd858cfdbebdec\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-versatile_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 9570956 c1202b4698c40d8ba708227cc463ba75\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-iop32x_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 364206 28ac049650ad018de6f30b2f974c335e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-orion5x_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 11370938 f1272a12e1fe6bdb4a1e75be8d205c08\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_armel.deb\n Size/MD5 checksum: 103664 efcc623f3063eab822d32d3392659bb1\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 293774 11f697620d8e797204a9ee43c7e49e86\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc64-smp_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 296078 103c08b6d81814a758e70381efbd00cb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64-smp_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 17469984 5bf0999276e32dcc44eae2f5dae41c43\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 3596462 498f39403026997ec7e9bd0daa01ae05\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-hppa_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 103600 b5edaa5c335be330726ef6dbab25bcd8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc64_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 16925522 4c7ca20db89d33a0c050165a7ca41533\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 293006 b8543710d9d5eba22a4a1bc6128436d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 103574 35b0f4350ceb613d3790f054a720a2c7\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-parisc-smp_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 294442 b6ffd162c317e0bd787a6f5db35af295\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc-smp_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 16202302 30d4723632168c7a4b1a2b0ebd993c6c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 755564 07bda4c6ddbf6a86ff2d37f5faa53a3b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-parisc_2.6.26-15lenny2_hppa.deb\n Size/MD5 checksum: 15613120 13474e40e538a178556712045a1055c2\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-openvz-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 401964 67ca4a3a5e393d5dfc3d72b22c29ac24\n http://security.debian.org/pool/updates/main/u/user-mode-linux/user-mode-linux_2.6.26-1um-2+15lenny2_i386.deb\n Size/MD5 checksum: 5352762 0492fa26aacea1e90a2a8076f421736d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686-bigmem_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 20260632 0903069efeb795506c5de03770992c4d\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 382028 04fdd8c04218b0adabedf7255de595dc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 3715228 9a34e86a009de2cfce28c65486c435b1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 395624 e7f8a141fcce18b9175f988961560481\n http://security.debian.org/pool/updates/main/l/linux-2.6/xen-linux-system-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 103638 2e1729b6d848f742b6330e6d5a695a44\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686-bigmem_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 20236806 82db8b2a80d62b4a09d33e83a88750ec\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-486_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 395790 b55d97b7a62538cc00f886ea8655e59a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-686-bigmem_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 396078 58d4fb3d17f32ffdc57a17a3a0e2a647\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 20142406 30711aa079af780c44aab9474c404917\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 746566 1044f2f109e75208c88397938b0a793f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 103652 404c334a0703eb5710593c6eade7c2f3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 20117418 65608dc1c7f99ab38fcd30a1a4bb06da\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686-bigmem_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 396930 e589efc8e5b6a5c0649d1b4a9508b477\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-openvz-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 20412848 43c86e53ac74b81cd167e59df620c6ae\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-modules-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 17945358 6bf8a4efc2d3d2af2ed9873f0ed4a940\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-xen-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 1589190 20210ab586114583a1227b00e7ddf23c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-amd64_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 384234 86d3c745e0456a25f481c9585becd71f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-xen_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 3847862 8177698dda0696e378accfe9c3d3c44f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 3747978 b25b6df842f713a7736448d91be804a3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-i386_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 103700 05a3a356d68d4777ed08c8e88e234c17\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-686_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 396910 3b1af51b193bbb723c20f3ff1063a9f6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-amd64_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 20766900 c3d03294fd3777044a6fe908e77ca56e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-486_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 20082656 0a700ba7ed7bcf1c94cffe57722c8e77\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-openvz_2.6.26-15lenny2_i386.deb\n Size/MD5 checksum: 3770904 2c20fd09d1b57aceb659b650d2a86c3e\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 3683456 f8e33d2b49c0dc0f6daaa8c1c5aed6a1\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-mckinley_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 352408 9087493ca55454b97152ebf3e12ac027\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-mckinley_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 34097344 aad5d13c617ffaf5efc31bf3fee5bdbb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 103650 61015b0fb2d786664d340caec9556cb3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-mckinley_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 351716 9a1c3c31cedebd60ea0e71a983edbe24\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-mckinley_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 34176080 7d8b2afa280521af629da3ef6a8dcf96\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-itanium_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 33920860 261eab4d401617b4e50d5e9c7fa9478c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-ia64_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 103682 e8ef7422829d57e214062770ee1516fd\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-itanium_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 351762 3c392c2f3ecc09b8794b9c08a6dda4d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-itanium_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 352368 f63441dda8bf0e1394d4e71531b5c3f6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-itanium_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 33988600 8fc3c10d5f376828d451263e2a5a0411\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 3651316 fa72532376b07227d336484a5eb9b59c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_ia64.deb\n Size/MD5 checksum: 745208 bbb6f3e7e0aa49a23b19b0995f458d2b\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 29180882 69a83b37e95628c4ca370f1c8ab6e101\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 19996594 09ab2685b1d53cd77b9554fbfafed256\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 19985912 7de8b500b44f9fc8249944de2146a251\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 3959292 ccf258221f247d7d6524511d64336422\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 295336 877afd2f578bcfe254d01dbd437c72a3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 23319736 ab01e5fb78dc39389364a8284a9fafb8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r4k-ip22_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 255696 3208d45d1fa1d3bc56452e3715044bde\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 294846 4b8c8611ab3ced1936a21719d0db327e\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mips_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 103628 e305aec4b61ee60c5638c64cb85b5f89\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 103572 ac8b9df04d63b2e077590e82a8676e6c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-ip32_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 280168 4462adb08ce8d26bf9856021b814d191\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 349818 e0e3ff2cb9251fca0729f347dfe5ecba\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r4k-ip22_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 11427614 ab6594b40bf0ce9a73c0891ba9706cc3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-ip32_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 15680942 6d69e713864dd57e7e5c52711ce65f8f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 350770 02fc7e97009a310eab609b34824f0198\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_mips.deb\n Size/MD5 checksum: 754842 f4f4b879b7a9ff4efb024cf7c81e4c8e\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-4kc-malta_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 22773614 2f02c916e762ec12aa5e6d940e6942ab\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-5kc-malta_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 346140 f074d0b61aca2a022c1b23b2a9cb31d8\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-mipsel_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 103708 7cbdf5c0f7d9091682225139e4019f4a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 739236 220a8b129147286703e70de980e70010\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 19378238 717d741afb1c4d6355bf2912e797b893\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 19385536 c743a80e3ab91e52603517987059d062\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1-bcm91250a_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 291996 72bd0ee79971f727a22e753de2a79dd2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 3887460 24f9ebab57d2f336ab2965d75ced8d04\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 103656 7e5a9a9fe6b75f773f7109fdb29c67b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-r5k-cobalt_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 14885136 b97b282ee0e13f36a0e7ec7ac90fd698\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sb1a-bcm91480b_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 291628 97184eef6ab6f4aba03c5756cf817e77\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-4kc-malta_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 346368 9f65a85c3a36a98971295da9eca49ced\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-r5k-cobalt_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 287456 f836716afe5101b627b6d017ee2cf6e3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-5kc-malta_2.6.26-15lenny2_mipsel.deb\n Size/MD5 checksum: 28242940 f848e64d548e0dc0655ff4a1e1efc263\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 3852082 41b6543dcd37c140f2c468d7c7535eed\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 23112214 960c8cfb6b15c7cbaf6edd2d4aca9216\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 103666 e2fd64d5aa6c1f98956e62b4a0260d0f\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 3886868 44038a1babafe461e01dc987d84edf9a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc64_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 23389448 f1d0e1e6ed8b15a234c8023bc258149b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc64_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 370398 90e589b7dd6b6a5a2a1e29c204b0ed68\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc64_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 370828 c556b7c5ed697ccf57eb6dee79279dfc\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 752742 e8fa3ee09312887d1d11f32d123a50d9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-powerpc_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 364504 91840865ed1ed6cc06f7e4141ee9caf6\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-powerpc_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 23548478 943ab35bb29eb5f16b065f31d98b0f10\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-powerpc_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 103692 f69df040dc9fdf8e78517698c15a5550\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc-smp_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 364426 9d91da2c31f69340de4f4fa30e5043ee\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-powerpc_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 362742 f5cc256d09740470b319faa0acb0bbeb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc64_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 23341130 8b8bee292a27f65c68ccef929f472629\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-powerpc-smp_2.6.26-15lenny2_powerpc.deb\n Size/MD5 checksum: 23515268 8253e09f72830bc475e18382d77e790c\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390x_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 226874 012f123cf2a0959a26b3842d4a01a288\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-s390x_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 7829404 b2db1074fb1f2c946dec0e6e87ff5f92\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 103648 850c0432d7d078b4626b3be6daab0a28\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390x_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 7768546 35fc35b3b56e41cd84d43f2e77c0b22b\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 3526832 fa2fb50fa267e35dd7d6800d99639256\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-s390_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 226086 2c89451b2fc1bea70667cd0ff95dae91\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 738472 31dc6942f679a420645a21e0fc0c35e0\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 7481500 e2375317ca3081bf63a3c97a5b935416\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-s390-tape_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 1625802 5160bd9986a171955f3562b75cf354b2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-s390x_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 228190 5cabeeb5263a026a97facd0ea936b762\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 3559308 e21511cdf0e9fcb7a252ab44d91b92eb\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-s390_2.6.26-15lenny2_s390.deb\n Size/MD5 checksum: 103670 3775b5b831d91e73aefaa4e75bfeb002\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all-sparc_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 103590 d03c411c9501d10750608b9b79b0cf72\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-vserver-sparc64_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 14479456 98ceecd12b774a3ebb356191d62557a2\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 3777608 881e0091bbc2885b4affe78a9ae3b07a\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 297472 1670872dd129ca10da89ef6c9661c460\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 14134838 0225ead0cde1eacf5ac523da37a7a679\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-common-vserver_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 3812750 f0bb98ba845e2e1b6b196d8015a20718\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-vserver-sparc64_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 299968 ddc83f3902293f66791c1cc24345695c\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.26-2-sparc64-smp_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 14459928 fc5eb9d5a238621723ecd3919946cbe9\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-libc-dev_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 795946 cb3b7cb116f72dd623a3ed8e7d53e3e3\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-sparc64-smp_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 298804 260d0051895126e78a28510075dc4898\n http://security.debian.org/pool/updates/main/l/linux-2.6/linux-headers-2.6.26-2-all_2.6.26-15lenny2_sparc.deb\n Size/MD5 checksum: 103566 3d18d81d21f97f8cc79638cfa1ef0090\n\n These changes will probably be included in the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;", "cvss3": {}, "published": "2009-05-15T19:17:51", "type": "debian", "title": "[SECURITY] [DSA 1800-1] New Linux 2.6.26 packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0028", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1072", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2009-05-15T19:17:51", "id": "DEBIAN:DSA-1800-1:C8938", "href": "https://lists.debian.org/debian-security-announce/2009/msg00111.html", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-02T17:17:37", "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-1787-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nMay 2, 2009 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6.24\nVulnerability : denial of service/privilege escalation/information leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-4307 CVE-2008-5079 CVE-2008-5395 CVE-2008-5700\n CVE-2008-5701 CVE-2008-5702 CVE-2009-0028 CVE-2009-0029\n CVE-2009-0031 CVE-2009-0065 CVE-2009-0269 CVE-2009-0322\n CVE-2009-0675 CVE-2009-0676 CVE-2009-0745 CVE-2009-0834\n CVE-2009-0859 CVE-2009-1046 CVE-2009-1192 CVE-2009-1242\n CVE-2009-1265 CVE-2009-1337 CVE-2009-1338 CVE-2009-1439\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2008-4307\n\n Bryn M. Reeves reported a denial of service in the NFS filesystem.\n Local users can trigger a kernel BUG() due to a race condition in\n the do_setlk function.\n\nCVE-2008-5079\n\n Hugo Dias reported a DoS condition in the ATM subsystem that can\n be triggered by a local user by calling the svc_listen function\n twice on the same socket and reading /proc/net/atm/*vc.\n\nCVE-2008-5395\n\n Helge Deller discovered a denial of service condition that allows\n local users on PA-RISC systems to crash a system by attempting to\n unwind a stack contiaining userspace addresses.\n\nCVE-2008-5700\n\n Alan Cox discovered a lack of minimum timeouts on SG_IO requests,\n which allows local users of systems using ATA to cause a denial of\n service by forcing drives into PIO mode.\n \nCVE-2008-5701\n\n Vlad Malov reported an issue on 64-bit MIPS systems where a local\n user could cause a system crash by crafing a malicious binary\n which makes o32 syscalls with a number less than 4000.\n\nCVE-2008-5702\n\n Zvonimir Rakamaric reported an off-by-one error in the ib700wdt\n watchdog driver which allows local users to cause a buffer\n underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl\n call.\n\nCVE-2009-0028\n\n Chris Evans discovered a situation in which a child process can\n send an arbitrary signal to its parent.\n\nCVE-2009-0029\n\n Christian Borntraeger discovered an issue effecting the alpha,\n mips, powerpc, s390 and sparc64 architectures that allows local\n users to cause a denial of service or potentially gain elevated\n privileges.\n\nCVE-2009-0031\n\n Vegard Nossum discovered a memory leak in the keyctl subsystem\n that allows local users to cause a denial of service by consuming\n all of kernel memory.\n\nCVE-2009-0065\n\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users, permitting\n remote code execution.\n \nCVE-2009-0269\n\n Duane Griffin provided a fix for an issue in the eCryptfs\n subsystem which allows local users to cause a denial of service\n (fault or memory corruption).\n\nCVE-2009-0322\n\n Pavel Roskin provided a fix for an issue in the dell_rbu driver\n that allows a local user to cause a denial of service (oops) by\n reading 0 byts from a sysfs entry.\n\nCVE-2009-0675\n\n Roel Kluin discovered inverted logic in the skfddi driver that\n permits local, unprivileged users to reset the driver statistics.\n\nCVE-2009-0676\n\n Clement LECIGNE discovered a bug in the sock_getsockopt function\n that may result in leaking sensitive kernel memory.\n\nCVE-2009-0745\n\n Peter Kerwien discovered an issue in the ext4 filesystem that\n allows local users to cause a denial of service (kernel oops)\n during a resize operation.\n\nCVE-2009-0834\n\n Roland McGrath discovered an issue on amd64 kernels that allows\n local users to circumvent system call audit configurations which\n filter based on the syscall numbers or argument details.\n\nCVE-2009-0859\n\n Jiri Olsa discovered that a local user can cause a denial of\n service (system hang) using a SHM_INFO shmctl call on kernels\n compiled with CONFIG_SHMEM disabled. This issue does not affect\n prebuilt Debian kernels.\n\nCVE-2009-1046\n\n Mikulas Patocka reported an issue in the console subsystem that\n allows a local user to cause memory corruption by selecting a\n small number of 3-byte UTF-8 characters.\n\nCVE-2009-1192\n\n Shaohua Li reported an issue in the AGP subsystem they may allow\n local users to read sensitive kernel memory due to a leak of\n uninitialized memory.\n\nCVE-2009-1242\n\n Benjamin Gilbert reported a local denial of service vulnerability\n in the KVM VMX implementation that allows local users to trigger\n an oops.\n\nCVE-2009-1265\n\n Thomas Pollet reported an overflow in the af_rose implementation\n that allows remote attackers to retrieve uninitialized kernel\n memory that may contain sensitive data.\n\nCVE-2009-1337\n\n Oleg Nesterov discovered an issue in the exit_notify function that\n allows local users to send an arbitrary signal to a process by\n running a program that modifies the exit_signal field and then\n uses an exec system call to launch a setuid application.\n\nCVE-2009-1338\n\n Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to\n reach processes outside of the current process namespace.\n \nCVE-2009-1439\n\n Pavan Naregundi reported an issue in the CIFS filesystem code that\n allows remote users to overwrite memory via a long\n nativeFileSystem field in a Tree Connect response during mount.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 2.6.24-6~etchnhalf.8etch1.\n\nWe recommend that you upgrade your linux-2.6.24 packages.\n\nNote: Debian &#x27;etch&#x27; includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian &#x27;etch&#x27;\nconcludes. However, given the high frequency at which low-severity\nsecurity issues are discovered in the kernel and the resource\nrequirements of doing an update, lower severity 2.6.18 and 2.6.24\nupdates will typically release in a staggered or &quot;leap-frog&quot; fashion.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.diff.gz\n Size/MD5 checksum: 4033829 ff5f9342fbd061dcab316080057bf9ac\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.8etch1.dsc\n Size/MD5 checksum: 5117 c71acfa6a187429a702d368e5974d082\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24.orig.tar.gz\n Size/MD5 checksum: 59630522 6b8751d1eb8e71498ba74bbd346343af\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-tree-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\n Size/MD5 checksum: 82422 f39c24b3acf13eee80ab07421e120bc7\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-doc-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\n Size/MD5 checksum: 4260850 8b0891fa602714572b2ea8be13d4b2eb\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-support-2.6.24-etchnhalf.1_2.6.24-6~etchnhalf.8etch1_all.deb\n Size/MD5 checksum: 96802 317936645be453126afab54705999059\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-manual-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\n Size/MD5 checksum: 1542086 460bc638a040b2674f4da6e30fc975f1\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-source-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\n Size/MD5 checksum: 46865722 b3afc19906294f1990ab97e6c8943285\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-patch-debian-2.6.24_2.6.24-6~etchnhalf.8etch1_all.deb\n Size/MD5 checksum: 917482 dc533207197184a44dcc931372534b0b\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-alpha_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 82038 12269f5ccc3251bed6544c82ace6bab8\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 26736698 8714134f74ad24d4a761d9e1b18c84dc\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 332080 2632341b6c0d98b6798103d4e03a4980\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 26757530 c00a3280cf8bc9d18e52c64202af9e34\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-alpha-smp_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 27341904 ee355aab70b9061c511e7152929c150a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-generic_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 331054 7d30fb320e409180de47bdf7be8430c2\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 3454072 01417e58c71bb9515a4011c390be0580\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 82010 cff77bfb7491d357acc7d9d50dc0217e\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-alpha-legacy_2.6.24-6~etchnhalf.8etch1_alpha.deb\n Size/MD5 checksum: 330926 1b2c38a3628e25cc62b7e555800d48e5\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\n Size/MD5 checksum: 19480638 9f9f06adb37a611ed3f24000859beb03\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_amd64.deb\n Size/MD5 checksum: 3654580 aac989a8eee05d7adaf9731dfdda062f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\n Size/MD5 checksum: 344960 4a6f4ac493086ec243734b3b6968a2bd\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-amd64_2.6.24-6~etchnhalf.8etch1_amd64.deb\n Size/MD5 checksum: 82010 f7713fceebf11933dd20c7db1c636df0\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_amd64.deb\n Size/MD5 checksum: 81998 7f2d31a9d80ae34c397d90912dbbb46f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 308926 05539199c8e837c4fccc75172a9c82be\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 82136 39e67aa9c8617379a54c9f36d0d72572\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 3939598 804e621a444954f2045f27a9282ae77a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 306808 3086d994c254c2481c6610729c6ee182\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 296510 23d73ccad75398f169ad602db513b908\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-footbridge_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 9351566 c0326566806f5c7ed8de2342f4de857a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-ixp4xx_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 10775966 6661bd851503d953c4ca43b6f8e85deb\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-iop32x_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 10768304 daca396e0f5decdfe92a7724069daa50\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-arm_2.6.24-6~etchnhalf.8etch1_arm.deb\n Size/MD5 checksum: 82166 8bb034ce3157aeefe7c3c692ebe14df4\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 261644 7c1852bbe840ac3d90c12d452e2681cf\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 82016 293d2bba2cb8563e700377ada35f2ba2\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 259304 f3db74269efbac5501598e35a462bf20\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-hppa_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 82038 bdae604446c924296cd1aac5b9be7e95\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 13332816 5d9819ffa069392df46ad94e193cbdf1\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 258452 c1a9dde9f1c92b4563126d1937d4eec2\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 14385162 6cbd8dc0702e5cb15237d246883dd2c0\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-parisc64_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 258378 4a864d5f74cd4f1e05362aa00e94236a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc64-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 14847618 ab5989ffb84c1780ba7a8d06ac501f67\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 3439250 22ebf43e46ee15c1240d6881c2554248\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-parisc-smp_2.6.24-6~etchnhalf.8etch1_hppa.deb\n Size/MD5 checksum: 13845394 731ba27a151e94071c8f64ceb0da9e92\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 360908 aef486d9faf9aca0e61ea01e16d0cbc8\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 19348860 15a2e2dc1fa2b3b423d3010272f7f3f6\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 82124 ee99a97dc91f3c2e205bce0b901904c0\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 359834 d80f275632e07acaaa02679eee976bb6\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-i386_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 82160 07df09b3f1af03cd0f20d2b0cf2b679a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 347518 a3530c65c732ef54f207a3551c85ec9f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686-bigmem_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 19344944 28d8879c242e0698ee8524d006970445\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-486_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 361402 3bad41e46bd717ebe8d15e0473f130eb\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-amd64_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 19589084 a8319258d3194cd59fa263a1b66a5626\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-686_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 19278254 608362b1503eb3ec838bd01152d7aa93\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_i386.deb\n Size/MD5 checksum: 3647296 a6ce4748c3fefd49a40ebbfed1e004f9\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb\n Size/MD5 checksum: 318210 76ad07637a2fac8a32d827c23f893ffa\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb\n Size/MD5 checksum: 32025152 eb4eec0df149a61e18ae22ef8c50eb43\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-itanium_2.6.24-6~etchnhalf.8etch1_ia64.deb\n Size/MD5 checksum: 318482 a155708aa4e74d90e54a4f107221c995\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_ia64.deb\n Size/MD5 checksum: 3567324 0e1d20a7ecbf444ad6aba30cc169963d\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_ia64.deb\n Size/MD5 checksum: 82000 f66623c2c53891b0d92055fb032d0592\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-mckinley_2.6.24-6~etchnhalf.8etch1_ia64.deb\n Size/MD5 checksum: 32206190 62738a79d48dffcad324124d2b73f3d4\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-ia64_2.6.24-6~etchnhalf.8etch1_ia64.deb\n Size/MD5 checksum: 82028 6aa864922de84ad84cfff13eb9ce71ee\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 308452 f5d33880c20e98b12a9ad5ef53743910\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 214502 a39b0ecffd3a215979f8e5bcdcd78bfe\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 17166576 38a62721888bbb2f0fc4d7fbdba70c9e\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mips_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 82062 3aa3ea6a854d046759d5824257e47bf3\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 17151594 603b866be5168c042bbef832eb253c9d\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r4k-ip22_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 10522386 725913ed966df3029d3f72332af590fd\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 225228 e8ad107d20c67c798cdb093ae150592c\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 246218 69eee0d55e37c414da07e70b90c190a9\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-ip32_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 11957416 9d75b25a0668735d4bfb1fac77788723\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 27772372 307325283c10af9dd6dc8cb4f0de39a7\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 246310 815dfe8f02f354f03f0d63f8605bedd9\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 22150880 d183f2a93f59d18034573fd7febf5e22\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 3803446 4448552a0dd930e3d51a800c1d6deb50\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 82008 871aace093a3411d3d01dfcc19e57a7a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mips.deb\n Size/MD5 checksum: 309908 ebc141db56c3f149eaf265af89054e03\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 3803432 926f0974edf97ded8ef4bd4f99847b35\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 245716 9a62f6221f1b1e36c8b397e5afcb966a\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-mipsel_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 82060 401c4c5fb02f54a0deacef21bf630b0e\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 26982892 39032aaca4b2a6cecc7091022a42e2b7\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 16629962 874a967e72aa10398626267cb2d5ba54\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 21732318 7819062b50720a60a098d086978298ea\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 82012 06886337047db3ad1df77cc919c4cff6\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 246190 ec4b8f66e8a0065d694f990745049e7e\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 16566324 d778d8f7f199e49cb087fafaef7eb551\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-r5k-cobalt_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 13316760 aadc4a462ca185163c902551556c92f6\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-4kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 309226 44e7866afb834db0bf71a9d034d729ba\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-5kc-malta_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 308360 e53f7681e10aa6b07d1ea3e3b58622da\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a_2.6.24-6~etchnhalf.8etch1_mipsel.deb\n Size/MD5 checksum: 245984 a572ee84ea19bb4bb908e6c20a56ca37\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 19194974 99103ae37f6001139ea44dd31f84183f\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 320916 0ba37f3d80f38b92b9097ea7e90fb3e7\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 320840 0ab836295bc998d5b54f9d54bb2bd23c\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-smp_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 19485870 bbee80ba2e47827a9f8ac2360ccf9e68\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 3672412 4ff49fe861ab4f49eec95d425114c349\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 82012 03d29f46bdcab8bab20d237a294fc242\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 295058 7718f3ba536f4af7252961bbbbab24be\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 21169748 db5e60f6e3ba1fcd12a793fd30f75c14\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-powerpc-miboot_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 17459470 60369530c57a669b6c9bcd441f757417\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-powerpc64_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 322436 779ccace55f22bdcf1ccd9212033b58d\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-powerpc_2.6.24-6~etchnhalf.8etch1_powerpc.deb\n Size/MD5 checksum: 82046 39a3cbedcbc4e13f997b7641394e3ad0\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390-tape_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 1501738 7bf06e1f51092c18b512045444fba8e9\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 193848 6713da5dfd8696c27718075e6cb3fa03\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 82016 1668a7a797859f5d9e0a7af2ba1781b4\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 6950110 9f8a8d765c71aaee7e94402626f413a1\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 82002 0f37b246336adf27ce4d37776257ff95\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 7200396 de8ace94802f259aef088e9384a4ca6b\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-s390x_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 194084 ea695f010b1916d50f1bdad2e85dd1f0\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_s390.deb\n Size/MD5 checksum: 3429706 8a40f944fa6b7c64353d76154bded277\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all-sparc_2.6.24-6~etchnhalf.8etch1_sparc.deb\n Size/MD5 checksum: 82152 88b0f93df760ac992f30c1927d0144f7\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-common_2.6.24-6~etchnhalf.8etch1_sparc.deb\n Size/MD5 checksum: 3652306 42dda4de967328363df86bee8ba0c53b\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb\n Size/MD5 checksum: 13022916 93538efd19eae1488128df8a3a73b957\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64_2.6.24-6~etchnhalf.8etch1_sparc.deb\n Size/MD5 checksum: 263066 c796e2fd4e51ff6a66d9eec594c81386\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-image-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb\n Size/MD5 checksum: 13317632 e50f9515e67c38d66c58f317bf2c9292\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-sparc64-smp_2.6.24-6~etchnhalf.8etch1_sparc.deb\n Size/MD5 checksum: 264930 a1d0ba75ee8eded18b4d97327ebd0291\n http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-headers-2.6.24-etchnhalf.1-all_2.6.24-6~etchnhalf.8etch1_sparc.deb\n Size/MD5 checksum: 82128 6c1ebe596b196e25cb0307f78ab1f358\n\n\n These changes will probably be included in the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;", "cvss3": {}, "published": "2009-05-02T18:33:03", "type": "debian", "title": "[SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4307", "CVE-2008-5079", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5701", "CVE-2008-5702", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0834", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2009-05-02T18:33:03", "id": "DEBIAN:DSA-1787-1:1654D", "href": "https://lists.debian.org/debian-security-announce/2009/msg00098.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:23:22", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, privilege escalation or a sensitive memory leak. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0835 Roland McGrath discovered an issue on amd64 kernels with CONFIG_SECCOMP enabled. By making a specially crafted syscall, local users can bypass access restrictions.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046 Mikulas Patocka reported an issue in the console subsystem that allows a local user to cause memory corruption by selecting a small number of 3-byte UTF-8 characters.\n\n - CVE-2009-1072 Igor Zhbanov reported that nfsd was not properly dropping CAP_MKNOD, allowing users to create device nodes on file systems exported with root_squash.\n\n - CVE-2009-1184 Dan Carpenter reported a coding issue in the selinux subsystem that allows local users to bypass certain networking checks when running with compat_net=1.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem they may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1242 Benjamin Gilbert reported a local denial of service vulnerability in the KVM VMX implementation that allows local users to trigger an oops.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1338 Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-18T00:00:00", "type": "nessus", "title": "Debian DSA-1800-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0028", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1072", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-1800.NASL", "href": "https://www.tenable.com/plugins/nessus/38795", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1800. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38795);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0028\", \"CVE-2009-0834\", \"CVE-2009-0835\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_bugtraq_id(33672, 33948, 33951, 34020, 34205, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1800\");\n\n script_name(english:\"Debian DSA-1800-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, privilege escalation or a sensitive\nmemory leak. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0835\n Roland McGrath discovered an issue on amd64 kernels with\n CONFIG_SECCOMP enabled. By making a specially crafted\n syscall, local users can bypass access restrictions.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046\n Mikulas Patocka reported an issue in the console\n subsystem that allows a local user to cause memory\n corruption by selecting a small number of 3-byte UTF-8\n characters.\n\n - CVE-2009-1072\n Igor Zhbanov reported that nfsd was not properly\n dropping CAP_MKNOD, allowing users to create device\n nodes on file systems exported with root_squash.\n\n - CVE-2009-1184\n Dan Carpenter reported a coding issue in the selinux\n subsystem that allows local users to bypass certain\n networking checks when running with compat_net=1.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem they\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1242\n Benjamin Gilbert reported a local denial of service\n vulnerability in the KVM VMX implementation that allows\n local users to trigger an oops.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1338\n Daniel Hokka Zakrisson discovered that a kill(-1) is\n permitted to reach processes outside of the current\n process namespace.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0835\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1072\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1800\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6 and user-mode-linux packages.\n\nFor the oldstable distribution (etch), these problems, where\napplicable, will be fixed in future updates to linux-2.6 and\nlinux-2.6.24.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.6.26-15lenny2.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(16, 20, 119, 264, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"linux-doc-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-486\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-4kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-5kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-alpha\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-arm\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-armel\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-hppa\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-i386\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-ia64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-mips\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-mipsel\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-all-sparc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-generic\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-legacy\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-alpha-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-openvz\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-vserver\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-common-xen\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-footbridge\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-iop32x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-ixp4xx\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-openvz-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-orion5x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-parisc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r4k-ip22\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-r5k-ip32\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-sparc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-versatile\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-headers-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-486\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-4kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-5kc-malta\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-legacy\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-alpha-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-footbridge\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-iop32x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-ixp4xx\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-openvz-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-orion5x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-parisc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r4k-ip22\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r5k-cobalt\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-r5k-ip32\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390-tape\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1-bcm91250a\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sb1a-bcm91480b\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-sparc64-smp\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-versatile\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-686-bigmem\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-itanium\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-mckinley\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-powerpc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-s390x\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-vserver-sparc64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-image-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-libc-dev\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-manual-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-modules-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-patch-debian-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-source-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-support-2.6.26-2\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"linux-tree-2.6.26\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"user-mode-linux\", reference:\"2.6.26-1um-2+15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-686\", reference:\"2.6.26-15lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xen-linux-system-2.6.26-2-xen-amd64\", reference:\"2.6.26-15lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:17:17", "description": "Igor Zhbanov discovered that NFS clients were able to create device nodes even when root_squash was enabled. An authenticated remote attacker could create device nodes with open permissions, leading to a loss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1072)\n\nDan Carpenter discovered that SELinux did not correctly handle certain network checks when running with compat_net=1. A local attacker could exploit this to bypass network checks. Default Ubuntu installations do not enable SELinux, and only Ubuntu 8.10 and 9.04 were affected.\n(CVE-2009-1184)\n\nShaohua Li discovered that memory was not correctly initialized in the AGP subsystem. A local attacker could potentially read kernel memory, leading to a loss of privacy. (CVE-2009-1192)\n\nBenjamin Gilbert discovered that the VMX implementation of KVM did not correctly handle certain registers. An attacker in a guest VM could exploit this to cause a host system crash, leading to a denial of service. This only affected 32bit hosts. Ubuntu 6.06 was not affected.\n(CVE-2009-1242)\n\nThomas Pollet discovered that the Amateur Radio X.25 Packet Layer Protocol did not correctly validate certain fields. A remote attacker could exploit this to read kernel memory, leading to a loss of privacy. (CVE-2009-1265)\n\nTrond Myklebust discovered that NFS did not correctly handle certain long filenames. An authenticated remote attacker could exploit this to cause a system crash, leading to a denial of service. Only Ubuntu 6.06 was affected. (CVE-2009-1336)\n\nOleg Nesterov discovered that the kernel did not correctly handle CAP_KILL. A local user could exploit this to send signals to arbitrary processes, leading to a denial of service. (CVE-2009-1337)\n\nDaniel Hokka Zakrisson discovered that signal handling was not correctly limited to process namespaces. A local user could bypass namespace restrictions, possibly leading to a denial of service. Only Ubuntu 8.04 was affected. (CVE-2009-1338)\n\nPavel Emelyanov discovered that network namespace support for IPv6 was not correctly handled. A remote attacker could send specially crafted IPv6 traffic that would cause a system crash, leading to a denial of service. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1360)\n\nNeil Horman discovered that the e1000 network driver did not correctly validate certain fields. A remote attacker could send a specially crafted packet that would cause a system crash, leading to a denial of service. (CVE-2009-1385)\n\nPavan Naregundi discovered that CIFS did not correctly check lengths when handling certain mount requests. A remote attacker could send specially crafted traffic to cause a system crash, leading to a denial of service. (CVE-2009-1439)\n\nSimon Vallet and Frank Filz discovered that execute permissions were not correctly handled by NFSv4. A local user could bypass permissions and run restricted programs, possibly leading to an escalation of privileges. (CVE-2009-1630)\n\nJeff Layton and Suresh Jayaraman discovered buffer overflows in the CIFS client code. A malicious remote server could exploit this to cause a system crash or execute arbitrary code as root.\n(CVE-2009-1633)\n\nMikulas Patocka discovered that /proc/iomem was not correctly initialized on Sparc. A local attacker could use this file to crash the system, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2009-1914)\n\nMiklos Szeredi discovered that OCFS2 did not correctly handle certain splice operations. A local attacker could exploit this to cause a system hang, leading to a denial of service. Ubuntu 6.06 was not affected. (CVE-2009-1961).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2009-07-02T00:00:00", "type": "nessus", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-793-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1072", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1336", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1360", "CVE-2009-1385", "CVE-2009-1439", "CVE-2009-1630", "CVE-2009-1633", "CVE-2009-1914", "CVE-2009-1961"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.28", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.28", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04"], "id": "UBUNTU_USN-793-1.NASL", "href": "https://www.tenable.com/plugins/nessus/39586", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-793-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39586);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1360\", \"CVE-2009-1385\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1914\", \"CVE-2009-1961\");\n script_bugtraq_id(34205, 34405, 34453, 34612, 34654, 34673, 34934, 35143, 35185);\n script_xref(name:\"USN\", value:\"793-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : linux, linux-source-2.6.15 vulnerabilities (USN-793-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Igor Zhbanov discovered that NFS clients were able to create device\nnodes even when root_squash was enabled. An authenticated remote\nattacker could create device nodes with open permissions, leading to a\nloss of privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04\nwere affected. (CVE-2009-1072)\n\nDan Carpenter discovered that SELinux did not correctly handle certain\nnetwork checks when running with compat_net=1. A local attacker could\nexploit this to bypass network checks. Default Ubuntu installations do\nnot enable SELinux, and only Ubuntu 8.10 and 9.04 were affected.\n(CVE-2009-1184)\n\nShaohua Li discovered that memory was not correctly initialized in the\nAGP subsystem. A local attacker could potentially read kernel memory,\nleading to a loss of privacy. (CVE-2009-1192)\n\nBenjamin Gilbert discovered that the VMX implementation of KVM did not\ncorrectly handle certain registers. An attacker in a guest VM could\nexploit this to cause a host system crash, leading to a denial of\nservice. This only affected 32bit hosts. Ubuntu 6.06 was not affected.\n(CVE-2009-1242)\n\nThomas Pollet discovered that the Amateur Radio X.25 Packet Layer\nProtocol did not correctly validate certain fields. A remote attacker\ncould exploit this to read kernel memory, leading to a loss of\nprivacy. (CVE-2009-1265)\n\nTrond Myklebust discovered that NFS did not correctly handle certain\nlong filenames. An authenticated remote attacker could exploit this to\ncause a system crash, leading to a denial of service. Only Ubuntu 6.06\nwas affected. (CVE-2009-1336)\n\nOleg Nesterov discovered that the kernel did not correctly handle\nCAP_KILL. A local user could exploit this to send signals to arbitrary\nprocesses, leading to a denial of service. (CVE-2009-1337)\n\nDaniel Hokka Zakrisson discovered that signal handling was not\ncorrectly limited to process namespaces. A local user could bypass\nnamespace restrictions, possibly leading to a denial of service. Only\nUbuntu 8.04 was affected. (CVE-2009-1338)\n\nPavel Emelyanov discovered that network namespace support for IPv6 was\nnot correctly handled. A remote attacker could send specially crafted\nIPv6 traffic that would cause a system crash, leading to a denial of\nservice. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1360)\n\nNeil Horman discovered that the e1000 network driver did not correctly\nvalidate certain fields. A remote attacker could send a specially\ncrafted packet that would cause a system crash, leading to a denial of\nservice. (CVE-2009-1385)\n\nPavan Naregundi discovered that CIFS did not correctly check lengths\nwhen handling certain mount requests. A remote attacker could send\nspecially crafted traffic to cause a system crash, leading to a denial\nof service. (CVE-2009-1439)\n\nSimon Vallet and Frank Filz discovered that execute permissions were\nnot correctly handled by NFSv4. A local user could bypass permissions\nand run restricted programs, possibly leading to an escalation of\nprivileges. (CVE-2009-1630)\n\nJeff Layton and Suresh Jayaraman discovered buffer overflows in the\nCIFS client code. A malicious remote server could exploit this to\ncause a system crash or execute arbitrary code as root.\n(CVE-2009-1633)\n\nMikulas Patocka discovered that /proc/iomem was not correctly\ninitialized on Sparc. A local attacker could use this file to crash\nthe system, leading to a denial of service. Ubuntu 6.06 was not\naffected. (CVE-2009-1914)\n\nMiklos Szeredi discovered that OCFS2 did not correctly handle certain\nsplice operations. A local attacker could exploit this to cause a\nsystem hang, leading to a denial of service. Ubuntu 6.06 was not\naffected. (CVE-2009-1961).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/793-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(16, 20, 119, 189, 264, 362);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.28\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.28\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2021 Canonical, Inc. / NASL script (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2009-1072\", \"CVE-2009-1184\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1336\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1360\", \"CVE-2009-1385\", \"CVE-2009-1439\", \"CVE-2009-1630\", \"CVE-2009-1633\", \"CVE-2009-1914\", \"CVE-2009-1961\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-793-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-doc-2.6.15\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-386\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-686\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-headers-2.6.15-54-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-386\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-686\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-generic\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-k8\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-amd64-xeon\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-image-2.6.15-54-server\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"linux-source-2.6.15\", pkgver:\"2.6.15-54.77\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-doc-2.6.24\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-386\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-generic\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-openvz\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-rt\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-server\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-virtual\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-headers-2.6.24-24-xen\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-386\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-generic\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-lpia\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-lpiacompat\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-openvz\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-rt\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-server\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-virtual\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-24-xen\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-386\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-generic\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-server\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-debug-2.6.24-24-virtual\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-kernel-devel\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-source-2.6.24\", pkgver:\"2.6.24-24.55\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-doc-2.6.27\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-14\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-14-generic\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-headers-2.6.27-14-server\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-14-generic\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-14-server\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-image-2.6.27-14-virtual\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"linux-source-2.6.27\", pkgver:\"2.6.27-14.35\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-doc-2.6.28\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-13\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-13-generic\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-headers-2.6.28-13-server\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-generic\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-lpia\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-server\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-versatile\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-image-2.6.28-13-virtual\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.28-13.45\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"linux-source-2.6.28\", pkgver:\"2.6.28-13.45\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc-2.6.15 / linux-doc-2.6.24 / linux-doc-2.6.27 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:36", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2008-4307 Bryn M. Reeves reported a denial of service in the NFS filesystem. Local users can trigger a kernel BUG() due to a race condition in the do_setlk function.\n\n - CVE-2008-5079 Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc.\n\n - CVE-2008-5395 Helge Deller discovered a denial of service condition that allows local users on PA-RISC systems to crash a system by attempting to unwind a stack containing userspace addresses.\n\n - CVE-2008-5700 Alan Cox discovered a lack of minimum timeouts on SG_IO requests, which allows local users of systems using ATA to cause a denial of service by forcing drives into PIO mode.\n\n - CVE-2008-5701 Vlad Malov reported an issue on 64-bit MIPS systems where a local user could cause a system crash by crafing a malicious binary which makes o32 syscalls with a number less than 4000.\n\n - CVE-2008-5702 Zvonimir Rakamaric reported an off-by-one error in the ib700wdt watchdog driver which allows local users to cause a buffer underflow by making a specially crafted WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2009-0028 Chris Evans discovered a situation in which a child process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029 Christian Borntraeger discovered an issue effecting the alpha, mips, powerpc, s390 and sparc64 architectures that allows local users to cause a denial of service or potentially gain elevated privileges.\n\n - CVE-2009-0031 Vegard Nossum discovered a memory leak in the keyctl subsystem that allows local users to cause a denial of service by consuming all of kernel memory.\n\n - CVE-2009-0065 Wei Yongjun discovered a memory overflow in the SCTP implementation that can be triggered by remote users, permitting remote code execution.\n\n - CVE-2009-0269 Duane Griffin provided a fix for an issue in the eCryptfs subsystem which allows local users to cause a denial of service (fault or memory corruption).\n\n - CVE-2009-0322 Pavel Roskin provided a fix for an issue in the dell_rbu driver that allows a local user to cause a denial of service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675 Roel Kluin discovered inverted logic in the skfddi driver that permits local, unprivileged users to reset the driver statistics.\n\n - CVE-2009-0676 Clement LECIGNE discovered a bug in the sock_getsockopt function that may result in leaking sensitive kernel memory.\n\n - CVE-2009-0745 Peter Kerwien discovered an issue in the ext4 filesystem that allows local users to cause a denial of service (kernel oops) during a resize operation.\n\n - CVE-2009-0834 Roland McGrath discovered an issue on amd64 kernels that allows local users to circumvent system call audit configurations which filter based on the syscall numbers or argument details.\n\n - CVE-2009-0859 Jiri Olsa discovered that a local user can cause a denial of service (system hang) using a SHM_INFO shmctl call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046 Mikulas Patocka reported an issue in the console subsystem that allows a local user to cause memory corruption by selecting a small number of 3-byte UTF-8 characters.\n\n - CVE-2009-1192 Shaohua Li reported an issue in the AGP subsystem that may allow local users to read sensitive kernel memory due to a leak of uninitialized memory.\n\n - CVE-2009-1242 Benjamin Gilbert reported a local denial of service vulnerability in the KVM VMX implementation that allows local users to trigger an oops.\n\n - CVE-2009-1265 Thomas Pollet reported an overflow in the af_rose implementation that allows remote attackers to retrieve uninitialized kernel memory that may contain sensitive data.\n\n - CVE-2009-1337 Oleg Nesterov discovered an issue in the exit_notify function that allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.\n\n - CVE-2009-1338 Daniel Hokka Zakrisson discovered that a kill(-1) is permitted to reach processes outside of the current process namespace.\n\n - CVE-2009-1439 Pavan Naregundi reported an issue in the CIFS filesystem code that allows remote users to overwrite memory via a long nativeFileSystem field in a Tree Connect response during mount.", "cvss3": {}, "published": "2009-05-04T00:00:00", "type": "nessus", "title": "Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-4307", "CVE-2008-5079", "CVE-2008-5395", "CVE-2008-5700", "CVE-2008-5701", "CVE-2008-5702", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0834", "CVE-2009-0859", "CVE-2009-1046", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1439"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-2.6.24", "cpe:/o:debian:debian_linux:4.0"], "id": "DEBIAN_DSA-1787.NASL", "href": "https://www.tenable.com/plugins/nessus/38668", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1787. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38668);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-4307\", \"CVE-2008-5079\", \"CVE-2008-5395\", \"CVE-2008-5700\", \"CVE-2008-5701\", \"CVE-2008-5702\", \"CVE-2009-0028\", \"CVE-2009-0029\", \"CVE-2009-0031\", \"CVE-2009-0065\", \"CVE-2009-0269\", \"CVE-2009-0322\", \"CVE-2009-0675\", \"CVE-2009-0676\", \"CVE-2009-0745\", \"CVE-2009-0834\", \"CVE-2009-0859\", \"CVE-2009-1046\", \"CVE-2009-1192\", \"CVE-2009-1242\", \"CVE-2009-1265\", \"CVE-2009-1337\", \"CVE-2009-1338\", \"CVE-2009-1439\");\n script_bugtraq_id(32676, 33113, 33672, 33846, 33951, 34020, 34405, 34453, 34654, 34673);\n script_xref(name:\"DSA\", value:\"1787\");\n\n script_name(english:\"Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following\nproblems :\n\n - CVE-2008-4307\n Bryn M. Reeves reported a denial of service in the NFS\n filesystem. Local users can trigger a kernel BUG() due\n to a race condition in the do_setlk function.\n\n - CVE-2008-5079\n Hugo Dias reported a DoS condition in the ATM subsystem\n that can be triggered by a local user by calling the\n svc_listen function twice on the same socket and reading\n /proc/net/atm/*vc.\n\n - CVE-2008-5395\n Helge Deller discovered a denial of service condition\n that allows local users on PA-RISC systems to crash a\n system by attempting to unwind a stack containing\n userspace addresses.\n\n - CVE-2008-5700\n Alan Cox discovered a lack of minimum timeouts on SG_IO\n requests, which allows local users of systems using ATA\n to cause a denial of service by forcing drives into PIO\n mode.\n\n - CVE-2008-5701\n Vlad Malov reported an issue on 64-bit MIPS systems\n where a local user could cause a system crash by crafing\n a malicious binary which makes o32 syscalls with a\n number less than 4000.\n\n - CVE-2008-5702\n Zvonimir Rakamaric reported an off-by-one error in the\n ib700wdt watchdog driver which allows local users to\n cause a buffer underflow by making a specially crafted\n WDIOC_SETTIMEOUT ioctl call.\n\n - CVE-2009-0028\n Chris Evans discovered a situation in which a child\n process can send an arbitrary signal to its parent.\n\n - CVE-2009-0029\n Christian Borntraeger discovered an issue effecting the\n alpha, mips, powerpc, s390 and sparc64 architectures\n that allows local users to cause a denial of service or\n potentially gain elevated privileges.\n\n - CVE-2009-0031\n Vegard Nossum discovered a memory leak in the keyctl\n subsystem that allows local users to cause a denial of\n service by consuming all of kernel memory.\n\n - CVE-2009-0065\n Wei Yongjun discovered a memory overflow in the SCTP\n implementation that can be triggered by remote users,\n permitting remote code execution.\n\n - CVE-2009-0269\n Duane Griffin provided a fix for an issue in the\n eCryptfs subsystem which allows local users to cause a\n denial of service (fault or memory corruption).\n\n - CVE-2009-0322\n Pavel Roskin provided a fix for an issue in the dell_rbu\n driver that allows a local user to cause a denial of\n service (oops) by reading 0 bytes from a sysfs entry.\n\n - CVE-2009-0675\n Roel Kluin discovered inverted logic in the skfddi\n driver that permits local, unprivileged users to reset\n the driver statistics.\n\n - CVE-2009-0676\n Clement LECIGNE discovered a bug in the sock_getsockopt\n function that may result in leaking sensitive kernel\n memory.\n\n - CVE-2009-0745\n Peter Kerwien discovered an issue in the ext4 filesystem\n that allows local users to cause a denial of service\n (kernel oops) during a resize operation.\n\n - CVE-2009-0834\n Roland McGrath discovered an issue on amd64 kernels that\n allows local users to circumvent system call audit\n configurations which filter based on the syscall numbers\n or argument details.\n\n - CVE-2009-0859\n Jiri Olsa discovered that a local user can cause a\n denial of service (system hang) using a SHM_INFO shmctl\n call on kernels compiled with CONFIG_SHMEM disabled.\n This issue does not affect prebuilt Debian kernels.\n\n - CVE-2009-1046\n Mikulas Patocka reported an issue in the console\n subsystem that allows a local user to cause memory\n corruption by selecting a small number of 3-byte UTF-8\n characters.\n\n - CVE-2009-1192\n Shaohua Li reported an issue in the AGP subsystem that\n may allow local users to read sensitive kernel memory\n due to a leak of uninitialized memory.\n\n - CVE-2009-1242\n Benjamin Gilbert reported a local denial of service\n vulnerability in the KVM VMX implementation that allows\n local users to trigger an oops.\n\n - CVE-2009-1265\n Thomas Pollet reported an overflow in the af_rose\n implementation that allows remote attackers to retrieve\n uninitialized kernel memory that may contain sensitive\n data.\n\n - CVE-2009-1337\n Oleg Nesterov discovered an issue in the exit_notify\n function that allows local users to send an arbitrary\n signal to a process by running a program that modifies\n the exit_signal field and then uses an exec system call\n to launch a setuid application.\n\n - CVE-2009-1338\n Daniel Hokka Zakrisson discovered that a kill(-1) is\n permitted to reach processes outside of the current\n process namespace.\n\n - CVE-2009-1439\n Pavan Naregundi reported an issue in the CIFS filesystem\n code that allows remote users to overwrite memory via a\n long nativeFileSystem field in a Tree Connect response\n during mount.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-4307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5395\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-5702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0028\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0029\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0322\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-0859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1265\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1787\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux-2.6.24 packages.\n\nFor the oldstable distribution (etch), these problems have been fixed\nin version 2.6.24-6~etchnhalf.8etch1.\n\nNote: Debian 'etch' includes linux kernel packages based upon both the\n2.6.18 and 2.6.24 linux releases. All known security issues are\ncarefully tracked against both packages and both packages will receive\nsecurity updates until security support for Debian 'etch' concludes.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, lower severity 2.6.18 and 2.6.24 updates will\ntypically release in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(20, 119, 189, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-2.6.24\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"linux-doc-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-alpha\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-arm\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-hppa\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-i386\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-ia64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mips\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-mipsel\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-all-sparc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-common\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-headers-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-486\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-4kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-5kc-malta\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-686-bigmem\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-generic\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-legacy\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-alpha-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-amd64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-footbridge\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-iop32x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-itanium\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-ixp4xx\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-mckinley\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-parisc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-miboot\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-powerpc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r4k-ip22\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-cobalt\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-r5k-ip32\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390-tape\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-s390x\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-image-2.6.24-etchnhalf.1-sparc64-smp\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-manual-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-patch-debian-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-source-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-support-2.6.24-etchnhalf.1\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"linux-tree-2.6.24\", reference:\"2.6.24-6~etchnhalf.8etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-05-26T15:56:18", "description": "## Releases\n\n * Ubuntu 9.04 \n * Ubuntu 8.10 \n * Ubuntu 8.04 \n * Ubuntu 6.06 \n\n## Packages\n\n * linux \\- \n * linux-source-2.6.15 \\- \n\nIgor Zhbanov discovered that NFS clients were able to create device nodes \neven when root_squash was enabled. An authenticated remote attacker \ncould create device nodes with open permissions, leading to a loss of \nprivacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were \naffected. (CVE-2009-1072)\n\nDan Carpenter discovered that SELinux did not correctly handle \ncertain network checks when running with compat_net=1. A local \nattacker could exploit this to bypass network checks. Default Ubuntu \ninstallations do not enable SELinux, and only Ubuntu 8.10 and 9.04 were \naffected. (CVE-2009-1184)\n\nShaohua Li discovered that memory was not correctly initialized in the \nAGP subsystem. A local attacker could potentially read kernel memory, \nleading to a loss of privacy. (CVE-2009-1192)\n\nBenjamin Gilbert discovered that the VMX implementation of KVM did \nnot correctly handle certain registers. An attacker in a guest VM \ncould exploit this to cause a host system crash, leading to a denial \nof service. This only affected 32bit hosts. Ubuntu 6.06 was not \naffected. (CVE-2009-1242)\n\nThomas Pollet discovered that the Amateur Radio X.25 Packet Layer Protocol \ndid not correctly validate certain fields. A remote attacker could exploit \nthis to read kernel memory, leading to a loss of privacy. (CVE-2009-1265)\n\nTrond Myklebust discovered that NFS did not correctly handle certain \nlong filenames. An authenticated remote attacker could exploit this to \ncause a system crash, leading to a denial of service. Only Ubuntu 6.06 \nwas affected. (CVE-2009-1336)\n\nOleg Nesterov discovered that the kernel did not correctly handle \nCAP_KILL. A local user could exploit this to send signals to arbitrary \nprocesses, leading to a denial of service. (CVE-2009-1337)\n\nDaniel Hokka Zakrisson discovered that signal handling was not correctly \nlimited to process namespaces. A local user could bypass namespace \nrestrictions, possibly leading to a denial of service. Only Ubuntu 8.04 \nwas affected. (CVE-2009-1338)\n\nPavel Emelyanov discovered that network namespace support for IPv6 was \nnot correctly handled. A remote attacker could send specially crafted \nIPv6 traffic that would cause a system crash, leading to a denial of \nservice. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1360)\n\nNeil Horman discovered that the e1000 network driver did not correctly \nvalidate certain fields. A remote attacker could send a specially \ncrafted packet that would cause a system crash, leading to a denial of \nservice. (CVE-2009-1385)\n\nPavan Naregundi discovered that CIFS did not correctly check lengths \nwhen handling certain mount requests. A remote attacker could send \nspecially crafted traffic to cause a system crash, leading to a denial \nof service. (CVE-2009-1439)\n\nSimon Vallet and Frank Filz discovered that execute permissions were \nnot correctly handled by NFSv4. A local user could bypass permissions \nand run restricted programs, possibly leading to an escalation of \nprivileges. (CVE-2009-1630)\n\nJeff Layton and Suresh Jayaraman discovered buffer overflows in the CIFS \nclient code. A malicious remote server could exploit this to cause a \nsystem crash or execute arbitrary code as root. (CVE-2009-1633)\n\nMikulas Patocka discovered that /proc/iomem was not correctly \ninitialized on Sparc. A local attacker could use this file to crash \nthe system, leading to a denial of service. Ubuntu 6.06 was not \naffected. (CVE-2009-1914)\n\nMiklos Szeredi discovered that OCFS2 did not correctly handle certain \nsplice operations. A local attacker could exploit this to cause \na system hang, leading to a denial of service. Ubuntu 6.06 was not \naffected. (CVE-2009-1961)\n", "cvss3": {}, "published": "2009-07-02T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1072", "CVE-2009-1184", "CVE-2009-1192", "CVE-2009-1242", "CVE-2009-1265", "CVE-2009-1336", "CVE-2009-1337", "CVE-2009-1338", "CVE-2009-1360", "CVE-2009-1385", "CVE-2009-1439", "CVE-2009-1630", "CVE-2009-1633", "CVE-2009-1914", "CVE-2009-1961"], "modified": "2009-07-02T00:00:00", "id": "USN-793-1", "href": "https://ubuntu.com/security/notices/USN-793-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}