Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2012 Greenbone AGOPENVAS:1361412562310841147
HistorySep 17, 2012 - 12:00 a.m.

Ubuntu: Security Advisory (USN-1567-1)

2012-09-1700:00:00
Copyright (C) 2012 Greenbone AG
plugins.openvas.org
48

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.089

Percentile

94.6%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.841147");
  script_cve_id("CVE-2012-2745", "CVE-2012-3412", "CVE-2012-3430", "CVE-2012-3511");
  script_tag(name:"creation_date", value:"2012-09-17 11:25:00 +0000 (Mon, 17 Sep 2012)");
  script_version("2024-02-02T05:06:04+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:04 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");

  script_name("Ubuntu: Security Advisory (USN-1567-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2012 Greenbone AG");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU11\.04");

  script_xref(name:"Advisory-ID", value:"USN-1567-1");
  script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-1567-1");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'linux' package(s) announced via the USN-1567-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"A flaw was found in how the Linux kernel passed the replacement session
keyring to a child process. An unprivileged local user could exploit this
flaw to cause a denial of service (panic). (CVE-2012-2745)

Ben Hutchings reported a flaw in the Linux kernel with some network drivers
that support TSO (TCP segment offload). A local or peer user could exploit
this flaw to cause a denial of service. (CVE-2012-3412)

Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel
implementation of RDS sockets. A local unprivileged user could potentially
use this flaw to read privileged information from the kernel.
(CVE-2012-3430)

A flaw was discovered in the madvise feature of the Linux kernel's memory
subsystem. An unprivileged local use could exploit the flaw to cause a
denial of service (crash the system). (CVE-2012-3511)");

  script_tag(name:"affected", value:"'linux' package(s) on Ubuntu 11.04.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "UBUNTU11.04") {

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-generic", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-generic-pae", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-omap", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-powerpc", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-powerpc-smp", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-powerpc64-smp", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-server", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-versatile", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-2.6.38-16-virtual", ver:"2.6.38-16.67", rls:"UBUNTU11.04"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

openvas 65
ubuntu 17
nessus 57
securityvulns 2
oraclelinux 14
redhat 10
centos 4
veracode 2
cvelist 4
nvd 4
cve 4
amazon 1
ubuntucve 4
seebug 2
debiancve 4
prion 4
suse 1
openvas
openvas
Ubuntu Update for linux USN-1567-1
2012-09-17 00:00:00
Ubuntu: Security Advisory (USN-1574-1)
2012-09-22 00:00:00
Ubuntu Update for linux-lts-backport-natty USN-1574-1
2012-09-22 00:00:00
ubuntu
ubuntu
Linux kernel (Natty backport) vulnerabilities
2012-09-19 00:00:00
Linux kernel vulnerabilities
2012-09-14 00:00:00
Linux kernel vulnerabilities
2012-09-19 00:00:00
nessus
nessus
Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1574-1)
2012-09-20 00:00:00
Ubuntu 11.04 : linux vulnerabilities (USN-1567-1)
2012-09-15 00:00:00
Ubuntu 10.04 LTS : linux vulnerabilities (USN-1572-1)
2012-09-19 00:00:00
securityvulns
securityvulns
[USN-1567-1] Linux kernel vulnerabilities
2012-09-18 00:00:00
Linux kernel multiple security vulnerabilities
2012-09-18 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2012-10-02 00:00:00
1
2012-10-02 00:00:00
Unbreakable Enterprise kernel security and bug fix update
2012-10-18 00:00:00
redhat
redhat
(RHSA-2012:1323) Important: kernel security and bug fix update
2012-10-02 00:00:00
(RHSA-2012:1401) Important: kernel security and bug fix update
2012-10-23 00:00:00
(RHSA-2012:1430) Important: kernel security and bug fix update
2012-11-06 00:00:00
centos
centos
kernel security update
2012-10-03 11:39:10
kernel, perf, python security update
2012-10-16 21:34:31
kernel, perf, python security update
2012-07-10 17:40:45
veracode
veracode
Information Disclosure
2019-05-02 04:41:23
Denial Of Service (DoS)
2019-05-02 04:41:23
cvelist
cvelist
CVE-2012-3430
2012-10-03 10:00:00
CVE-2012-2745
2012-08-09 10:00:00
CVE-2012-3412
2012-10-03 10:00:00
nvd
nvd
CVE-2012-3430
2012-10-03 11:02:56
CVE-2012-3412
2012-10-03 11:02:56
CVE-2012-2745
2012-08-09 10:29:47
cve
cve
CVE-2012-3430
2012-10-03 11:02:56
CVE-2012-2745
2012-08-09 10:29:47
CVE-2012-3412
2012-10-03 11:02:56
amazon
amazon
Medium: kernel
2012-08-21 21:04:00
ubuntucve
ubuntucve
CVE-2012-3430
2012-07-27 00:00:00
CVE-2012-3412
2012-08-10 00:00:00
CVE-2012-2745
2012-08-09 00:00:00
seebug
seebug
Linux kernel 2.6.x 'rds_recvmsg()'函数本地信息泄露漏洞
2012-07-27 00:00:00
Linux Kernel 'madvise_remove()'函数本地拒绝服务漏洞
2012-08-26 00:00:00
debiancve
debiancve
CVE-2012-3430
2012-10-03 11:02:56
CVE-2012-3412
2012-10-03 11:02:56
CVE-2012-2745
2012-08-09 10:29:47
prion
prion
Sql injection
2012-10-03 11:02:00
Design/Logic Flaw
2012-08-09 10:29:00
Code injection
2012-10-03 11:02:00
suse
suse
kernel: security and bugfix update (important)
2012-10-12 16:08:23

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.089

Percentile

94.6%

JSON
Related for OPENVAS:1361412562310841147
openvas65ubuntu17nessus57securityvulns2oraclelinux14redhat10centos4veracode2cvelist4nvd4cve4amazon1ubuntucve4seebug2debiancve4prion4suse1