Lucene search
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.F5_BIGIP_SOL16473.NASLHistoryApr 22, 2015 - 12:00 a.m.
F5 Networks BIG-IP : Linux Kernel vulnerability (SOL16473)
2015-04-2200:00:00
This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS
0
Percentile
10.1%
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from F5 Networks BIG-IP Solution SOL16473.
#
# The text description of this plugin is (C) F5 Networks.
#
include("compat.inc");
if (description)
{
script_id(82931);
script_version("1.4");
script_cvs_date("Date: 2019/01/04 10:03:40");
script_cve_id("CVE-2010-0007");
script_bugtraq_id(37762);
script_name(english:"F5 Networks BIG-IP : Linux Kernel vulnerability (SOL16473)");
script_summary(english:"Checks the BIG-IP version.");
script_set_attribute(
attribute:"synopsis",
value:"The remote device is missing a vendor-supplied security patch."
);
script_set_attribute(
attribute:"description",
value:
"net/bridge/netfilter/ebtables.c in the ebtables module in the
netfilter framework in the Linux kernel before 2.6.33-rc4 does not
require the CAP_NET_ADMIN capability for setting or modifying rules,
which allows local users to bypass intended access restrictions and
configure arbitrary network-traffic filtering via a modified ebtables
application."
);
script_set_attribute(
attribute:"see_also",
value:"https://support.f5.com/csp/article/K16473"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade to one of the non-vulnerable versions listed in the F5
Solution SOL16473."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(264);
script_set_attribute(attribute:"potential_vulnerability", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_access_policy_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_application_security_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_global_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_link_controller");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_local_traffic_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_wan_optimization_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:f5:big-ip_webaccelerator");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip");
script_set_attribute(attribute:"cpe", value:"cpe:/h:f5:big-ip_protocol_security_manager");
script_set_attribute(attribute:"patch_publication_date", value:"2015/04/21");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/22");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"F5 Networks Local Security Checks");
script_dependencies("f5_bigip_detect.nbin");
script_require_keys("Host/local_checks_enabled", "Host/BIG-IP/hotfix", "Host/BIG-IP/modules", "Host/BIG-IP/version", "Settings/ParanoidReport");
exit(0);
}
include("f5_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
version = get_kb_item("Host/BIG-IP/version");
if ( ! version ) audit(AUDIT_OS_NOT, "F5 Networks BIG-IP");
if ( isnull(get_kb_item("Host/BIG-IP/hotfix")) ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/hotfix");
if ( ! get_kb_item("Host/BIG-IP/modules") ) audit(AUDIT_KB_MISSING, "Host/BIG-IP/modules");
sol = "SOL16473";
vmatrix = make_array();
if (report_paranoia < 2) audit(AUDIT_PARANOID);
# APM
vmatrix["APM"] = make_array();
vmatrix["APM"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["APM"]["unaffected"] = make_list("11.0.0-11.6.0");
# ASM
vmatrix["ASM"] = make_array();
vmatrix["ASM"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["ASM"]["unaffected"] = make_list("11.0.0-11.6.0");
# GTM
vmatrix["GTM"] = make_array();
vmatrix["GTM"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["GTM"]["unaffected"] = make_list("11.0.0-11.6.0");
# LC
vmatrix["LC"] = make_array();
vmatrix["LC"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["LC"]["unaffected"] = make_list("11.0.0-11.6.0");
# LTM
vmatrix["LTM"] = make_array();
vmatrix["LTM"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["LTM"]["unaffected"] = make_list("11.0.0-11.6.0");
# PSM
vmatrix["PSM"] = make_array();
vmatrix["PSM"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["PSM"]["unaffected"] = make_list("11.0.0-11.4.1");
# WAM
vmatrix["WAM"] = make_array();
vmatrix["WAM"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["WAM"]["unaffected"] = make_list("11.0.0-11.3.0");
# WOM
vmatrix["WOM"] = make_array();
vmatrix["WOM"]["affected" ] = make_list("10.1.0-10.2.4");
vmatrix["WOM"]["unaffected"] = make_list("11.0.0-11.3.0");
if (bigip_is_affected(vmatrix:vmatrix, sol:sol))
{
if (report_verbosity > 0) security_note(port:0, extra:bigip_report_get());
else security_note(0);
exit(0);
}
else
{
tested = bigip_get_tested_modules();
audit_extra = "For BIG-IP module(s) " + tested + ",";
if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);
else audit(AUDIT_HOST_NOT, "running any of the affected modules");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f5 | big-ip_access_policy_manager | cpe:/a:f5:big-ip_access_policy_manager | |
| f5 | big-ip_application_security_manager | cpe:/a:f5:big-ip_application_security_manager | |
| f5 | big-ip_global_traffic_manager | cpe:/a:f5:big-ip_global_traffic_manager | |
| f5 | big-ip_link_controller | cpe:/a:f5:big-ip_link_controller | |
| f5 | big-ip_local_traffic_manager | cpe:/a:f5:big-ip_local_traffic_manager | |
| f5 | big-ip_wan_optimization_manager | cpe:/a:f5:big-ip_wan_optimization_manager | |
| f5 | big-ip_webaccelerator | cpe:/a:f5:big-ip_webaccelerator | |
| f5 | big-ip | cpe:/h:f5:big-ip | |
| f5 | big-ip_protocol_security_manager | cpe:/h:f5:big-ip_protocol_security_manager |
Related
cve
cve
CVE-2010-0007
2010-01-19 16:30:01
veracode
veracode
Access Restrictions Bypass
2020-04-10 00:44:36
ubuntucve
ubuntucve
CVE-2010-0007
2010-01-19 00:00:00
prion
prion
Design/Logic Flaw
2010-01-19 16:30:00
f5
f5
SOL16473 - Linux Kernel vulnerability CVE-2010-0007
2015-04-21 00:00:00
K16473 : Linux Kernel vulnerability CVE-2010-0007
2015-07-23 00:00:00
cvelist
cvelist
CVE-2010-0007
2010-01-19 16:00:00
nvd
nvd
CVE-2010-0007
2010-01-19 16:30:01
suse
suse
remote denial of service in kernel
2010-01-22 16:27:30
remote denial of service in kernel
2010-02-08 17:19:31
remote denial of service in kernel
2010-02-18 21:41:21
nessus
nessus
Fedora 11 : kernel-2.6.30.10-105.2.4.fc11 (2010-0919)
2010-07-01 00:00:00
SuSE 10 Security Update : the debug kernel (ZYPP Patch Number 6778)
2012-05-17 00:00:00
SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6779)
2010-10-11 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2010-03-17 00:00:00
kernel security and bug fix update
2010-03-17 00:00:00
Oracle Enterprise Linux 5.5 kernel security and bug fix update
2010-04-05 00:00:00
openvas
openvas
RedHat Update for kernel RHSA-2010:0146-01
2010-03-22 00:00:00
RedHat Update for kernel RHSA-2010:0147-01
2010-03-22 00:00:00
RedHat Update for kernel RHSA-2010:0147-01
2010-03-22 00:00:00
redhat
redhat
(RHSA-2010:0146) Important: kernel security and bug fix update
2010-03-16 00:00:00
(RHSA-2010:0147) Important: kernel security and bug fix update
2010-03-16 00:00:00
(RHSA-2010:0161) Important: kernel-rt security and bug fix update
2010-03-23 00:00:00
centos
centos
kernel security update
2010-03-17 18:19:30
kernel security update
2010-03-18 10:55:12
debian
debian
osv
osv
linux-2.6 - several vulnerabilities
2010-02-22 00:00:00
linux-2.6 - several vulnerabilities
2010-02-12 00:00:00
linux-2.6.24 - several vulnerabilities
2010-02-27 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2010-02-05 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2010-02-16 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.4.fc11
2010-01-22 22:36:26
[SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.13.fc11
2010-02-05 01:48:41
[SECURITY] Fedora 11 Update: kernel-2.6.30.10-105.2.23.fc11
2010-02-12 04:48:05
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
EPSS
0
Percentile
10.1%
Related for F5_BIGIP_SOL16473.NASL