8.3 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
79.4%
Fixes multiple security bugs. All users should update to this version.
Also fixes :
Stall on boot on some systems with TPM devices.
(RHBZ#530393)
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2010-18983.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(51374);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2010-2962", "CVE-2010-2963", "CVE-2010-3442", "CVE-2010-3698", "CVE-2010-3705", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4169", "CVE-2010-4249", "CVE-2010-4258");
script_bugtraq_id(43701, 43787, 44067, 44242, 44500, 44648, 44661, 44758, 44793, 44861, 45037, 45159);
script_xref(name:"FEDORA", value:"2010-18983");
script_name(english:"Fedora 13 : kernel-2.6.34.7-66.fc13 (2010-18983)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Fixes multiple security bugs. All users should update to this version.
Also fixes :
- Stall on boot on some systems with TPM devices.
(RHBZ#530393)
- Hard lockups with Radeon RV350 devices. (RHBZ#631310)
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=637688"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=638478"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=639879"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=640036"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=642465"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=649695"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=651147"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=651671"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=651698"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=652529"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=656756"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=659567"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?c3b42422"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected kernel package."
);
script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:13");
script_set_attribute(attribute:"vuln_publication_date", value:"2010/10/04");
script_set_attribute(attribute:"patch_publication_date", value:"2010/12/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/26");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^13([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 13.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC13", reference:"kernel-2.6.34.7-66.fc13")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | kernel | p-cpe:/a:fedoraproject:fedora:kernel |
fedoraproject | fedora | 13 | cpe:/o:fedoraproject:fedora:13 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2962
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2963
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3442
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3698
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3705
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3874
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4157
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4158
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4162
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4169
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4258
www.nessus.org/u?c3b42422
bugzilla.redhat.com/show_bug.cgi?id=637688
bugzilla.redhat.com/show_bug.cgi?id=638478
bugzilla.redhat.com/show_bug.cgi?id=639879
bugzilla.redhat.com/show_bug.cgi?id=640036
bugzilla.redhat.com/show_bug.cgi?id=642465
bugzilla.redhat.com/show_bug.cgi?id=649695
bugzilla.redhat.com/show_bug.cgi?id=651147
bugzilla.redhat.com/show_bug.cgi?id=651671
bugzilla.redhat.com/show_bug.cgi?id=651698
bugzilla.redhat.com/show_bug.cgi?id=652529
bugzilla.redhat.com/show_bug.cgi?id=656756
bugzilla.redhat.com/show_bug.cgi?id=659567