Lucene search
This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.FEDORA_2012-6344.NASLHistoryApr 24, 2012 - 12:00 a.m.
Fedora 17 : kernel-3.3.2-8.fc17 (2012-6344)
2012-04-2400:00:00
This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.
www.tenable.com
28
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.002
Percentile
59.3%
Fixes CVEs :
CVE-2012-2119 CVE-2012-2123 CVE-2012-2121
Also fixes some fail to boot issues on various Dell machines.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2012-6344.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(58836);
script_version("1.11");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2012-2119", "CVE-2012-2121", "CVE-2012-2123");
script_bugtraq_id(53162, 53165, 53166);
script_xref(name:"FEDORA", value:"2012-6344");
script_name(english:"Fedora 17 : kernel-3.3.2-8.fc17 (2012-6344)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Fixes CVEs :
CVE-2012-2119 CVE-2012-2123 CVE-2012-2121
Also fixes some fail to boot issues on various Dell machines.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=806722"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=814149"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=814278"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2012-April/079026.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?926cd390"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected kernel package."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:17");
script_set_attribute(attribute:"patch_publication_date", value:"2012/04/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^17([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 17.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC17", reference:"kernel-3.3.2-8.fc17")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | kernel | p-cpe:/a:fedoraproject:fedora:kernel |
| fedoraproject | fedora | 17 | cpe:/o:fedoraproject:fedora:17 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2123
www.nessus.org/u?926cd390
bugzilla.redhat.com/show_bug.cgi?id=806722
bugzilla.redhat.com/show_bug.cgi?id=814149
bugzilla.redhat.com/show_bug.cgi?id=814278
Related
fedora
fedora
[SECURITY] Fedora 17 Update: kernel-3.3.2-8.fc17
2012-04-24 04:30:08
[SECURITY] Fedora 16 Update: kernel-3.3.2-6.fc16
2012-04-24 14:55:12
[SECURITY] Fedora 15 Update: kernel-2.6.43.2-6.fc15
2012-04-26 03:29:54
nessus
nessus
Fedora 15 : kernel-2.6.43.2-6.fc15 (2012-6406)
2012-04-26 00:00:00
Fedora 16 : kernel-3.3.2-6.fc16 (2012-6386)
2012-04-25 00:00:00
CentOS 6 : kernel (CESA-2012:0743)
2012-06-21 00:00:00
openvas
openvas
Fedora Update for kernel FEDORA-2012-6344
2012-08-30 00:00:00
Fedora Update for kernel FEDORA-2012-6344
2012-08-30 00:00:00
CentOS Update for kernel CESA-2012:0743 centos6
2012-07-30 00:00:00
nvd
nvd
seebug
seebug
Linux kernel fcaps本地安全绕过漏洞
2012-04-23 00:00:00
redhat
redhat
(RHSA-2012:0743) Important: kernel security and bug fix update
2012-06-18 00:00:00
(RHSA-2012:0676) Moderate: kvm security and bug fix update
2012-05-21 00:00:00
(RHSA-2012:0670) Important: kernel-rt security and bug fix update
2012-05-15 00:00:00
ubuntucve
ubuntucve
prion
prion
Buffer overflow
2013-01-22 23:55:00
Design/Logic Flaw
2012-05-17 11:00:00
Memory corruption
2012-05-17 11:00:00
cve
cve
centos
centos
kernel, perf, python security update
2012-06-19 10:27:24
kmod, kvm security update
2012-05-21 16:43:32
cvelist
cvelist
oraclelinux
oraclelinux
kernel security and bug fix update
2012-06-18 00:00:00
Unbreakable Enterprise kernel security and bugfix update
2012-06-20 00:00:00
kvm security and bug fix update
2012-05-21 00:00:00
debiancve
debiancve
CVE-2012-2119
2013-01-22 23:55:01
ubuntu
ubuntu
Linux kernel vulnerabilities
2012-05-31 00:00:00
Linux kernel (Natty backport) vulnerabilities
2012-06-12 00:00:00
Linux kernel (EC2) vulnerabilities
2013-12-03 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 04:41:13
securityvulns
securityvulns
Linux kernel multiple security vulnerabilities
2012-05-24 00:00:00
[SECURITY] [DSA 2469-1] linux-2.6 security update
2012-05-14 00:00:00
[USN-1473-1] Linux kernel vulnerabilities
2012-07-09 00:00:00
debian
debian
[SECURITY] [DSA 2469-1] linux-2.6 security update
2012-05-10 15:48:18
[SECURITY] [DSA 2668-1] linux-2.6 security update
2013-05-14 19:14:29
osv
osv
linux-2.6 - several
2012-05-10 00:00:00
linux-2.6 - several
2013-05-14 00:00:00
suse
suse
Security update for Linux kernel (important)
2012-06-26 02:08:23
kernel: security and bugfix update (important)
2013-06-10 17:23:00
Security update for Linux kernel (important)
2013-05-14 14:04:45
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.002
Percentile
59.3%
Related for FEDORA_2012-6344.NASL