Lucene search
This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.FEDORA_2012-0861.NASLHistoryJan 25, 2012 - 12:00 a.m.
Fedora 15 : kernel-2.6.41.10-3.fc15 (2012-0861)
2012-01-2500:00:00
This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.
www.tenable.com
123
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
46.9%
Update to the 3.1.10 stable release (Fedora 2.6.41.10). Also fixes CVEs :
-
CVE-2012-0056
- CVE-2011-4127
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2012-0861.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(57673);
script_version("1.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2011-4127", "CVE-2012-0056");
script_bugtraq_id(51176, 51625);
script_xref(name:"FEDORA", value:"2012-0861");
script_name(english:"Fedora 15 : kernel-2.6.41.10-3.fc15 (2012-0861)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Update to the 3.1.10 stable release (Fedora 2.6.41.10). Also fixes
CVEs :
- CVE-2012-0056
- CVE-2011-4127
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=728740"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=767351"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=769911"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=781625"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782681"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782686"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782687"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=782961"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072399.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?08da26da"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected kernel package."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'CANVAS');
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:15");
script_set_attribute(attribute:"patch_publication_date", value:"2012/01/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/01/25");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^15([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 15.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC15", reference:"kernel-2.6.41.10-3.fc15")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | kernel | p-cpe:/a:fedoraproject:fedora:kernel |
| fedoraproject | fedora | 15 | cpe:/o:fedoraproject:fedora:15 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0056
www.nessus.org/u?08da26da
bugzilla.redhat.com/show_bug.cgi?id=728740
bugzilla.redhat.com/show_bug.cgi?id=767351
bugzilla.redhat.com/show_bug.cgi?id=769911
bugzilla.redhat.com/show_bug.cgi?id=781625
bugzilla.redhat.com/show_bug.cgi?id=782681
bugzilla.redhat.com/show_bug.cgi?id=782686
bugzilla.redhat.com/show_bug.cgi?id=782687
bugzilla.redhat.com/show_bug.cgi?id=782961
Related
nessus
nessus
Fedora 16 : kernel-3.2.1-3.fc16 (2012-0876)
2012-01-25 00:00:00
Amazon Linux AMI : kernel (ALAS-2012-34)
2013-09-04 00:00:00
Scientific Linux Security Update : kernel on SL6.x i386/x86_64
2012-08-01 00:00:00
cve
cve
CVE-2011-4127
2012-07-03 16:40:31
CVE-2012-0056
2012-01-27 15:55:04
openvas
openvas
RedHat Update for kernel RHSA-2011:1849-01
2012-07-09 00:00:00
Fedora Update for libguestfs FEDORA-2011-17388
2012-01-09 00:00:00
RedHat Update for kernel RHSA-2011:1849-01
2012-07-09 00:00:00
veracode
veracode
Authorization Bypass
2020-04-10 01:03:58
Privilege Escalation
2020-04-10 01:06:51
fedora
fedora
[SECURITY] Fedora 16 Update: libguestfs-1.14.8-1.fc16
2012-01-05 20:56:45
[SECURITY] Fedora 15 Update: libguestfs-1.10.12-1.fc15
2012-01-05 21:00:57
[SECURITY] Fedora 16 Update: kernel-3.2.1-3.fc16
2012-01-24 07:57:29
oraclelinux
oraclelinux
kernel security and bug fix update
2011-12-22 00:00:00
kernel security and bug fix update
2012-01-23 00:00:00
qemu-kvm security, bug fix, and enhancement update
2012-01-23 00:00:00
ubuntucve
ubuntucve
CVE-2011-4127
2011-12-23 00:00:00
CVE-2012-0056
2012-01-19 00:00:00
amazon
amazon
Medium: kernel
2012-01-06 10:19:00
prion
prion
Design/Logic Flaw
2012-07-03 16:40:00
Input validation
2012-01-27 15:55:00
seebug
seebug
Linux kernel 2.6.x 'SG_IO IOCTL' SCSIθ―·ζ±ζ¬ε°ηΉζζεζΌζ΄
2011-12-24 00:00:00
Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper
2014-07-01 00:00:00
Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper #2
2014-11-13 00:00:00
cvelist
cvelist
CVE-2011-4127
2012-07-03 16:00:00
CVE-2012-0056
2012-01-27 15:00:00
nvd
nvd
CVE-2011-4127
2012-07-03 16:40:31
CVE-2012-0056
2012-01-27 15:55:04
debiancve
debiancve
CVE-2011-4127
2012-07-03 16:40:31
myhack58
myhack58
redhat
redhat
(RHSA-2012:0061) Important: kernel-rt security update
2012-01-24 00:00:00
(RHSA-2012:0052) Important: kernel security and bug fix update
2012-01-23 00:00:00
(RHSA-2011:1849) Important: kernel security and bug fix update
2011-12-22 00:00:00
chrome
chrome
Stable Channel Update for Chromebooks
2012-02-16 00:00:00
exploitpack
exploitpack
securityvulns
securityvulns
Linux privilege escalation
2012-02-08 00:00:00
[USN-1364-1] Linux kernel (OMAP4) vulnerabilities
2012-02-15 00:00:00
Linux kernel multiple security vulnerabilities
2012-02-15 00:00:00
ubuntu
ubuntu
Linux kernel (Oneiric backport) vulnerability
2012-01-26 00:00:00
Linux kernel vulnerabilities
2012-03-27 00:00:00
Linux kernel (EC2) vulnerabilities
2012-03-06 00:00:00
cert
cert
Linux Kernel local privilege escalation via SUID /proc/pid/mem write
2012-01-27 00:00:00
centos
centos
kernel, perf, python security update
2012-01-24 20:01:50
qemu security update
2012-01-24 03:15:05
kernel, perf, python security update
2011-12-23 09:04:53
thn
thn
CVE-2012-0056 Linux privilege escalation [Video Demonstration]
2012-01-28 19:55:00
canvas
canvas
Immunity Canvas: CVE_2012_0056
2012-01-27 15:55:00
android
android
mempodroid - mempodripper - mem exploit
2012-01-24 00:00:00
exploitdb
exploitdb
osv
osv
linux-2.6 - several
2012-01-15 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2012-02-06 15:08:23
Security update for Linux kernel (important)
2012-04-23 22:08:26
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
46.9%
Related for FEDORA_2012-0861.NASL