Ubuntu Update for Linux kernel vulnerabilities USN-625-1
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_625_1.nasl 7969 2017-12-01 09:23:16Z santu $
#
# Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Dirk Nehring discovered that the IPsec protocol stack did not correctly
handle fragmented ESP packets. A remote attacker could exploit this to
crash the system, leading to a denial of service. (CVE-2007-6282)
Johannes Bauer discovered that the 64bit kernel did not correctly handle
hrtimer updates. A local attacker could request a large expiration value
and cause the system to hang, leading to a denial of service.
(CVE-2007-6712)
Tavis Ormandy discovered that the ia32 emulation under 64bit kernels did
not fully clear uninitialized data. A local attacker could read private
kernel memory, leading to a loss of privacy. (CVE-2008-0598)
Jan Kratochvil discovered that PTRACE did not correctly handle certain
calls when running under 64bit kernels. A local attacker could exploit this
to crash the system, leading to a denial of service. (CVE-2008-1615)
Wei Wang discovered that the ASN.1 decoding routines in CIFS and SNMP NAT
did not correctly handle certain length values. Remote attackers could
exploit this to execute arbitrary code or crash the system. (CVE-2008-1673)
Paul Marks discovered that the SIT interfaces did not correctly manage
allocated memory. A remote attacker could exploit this to fill all
available memory, leading to a denial of service. (CVE-2008-2136)
David Miller and Jan Lieskovsky discovered that the Sparc kernel did not
correctly range-check memory regions allocated with mmap. A local attacker
could exploit this to crash the system, leading to a denial of service.
(CVE-2008-2137)
The sys_utimensat system call did not correctly check file permissions in
certain situations. A local attacker could exploit this to modify the file
times of arbitrary files which could lead to a denial of service.
(CVE-2008-2148)
Brandon Edwards discovered that the DCCP system in the kernel did not
correctly check feature lengths. A remote attacker could exploit this to
execute arbitrary code. (CVE-2008-2358)
A race condition was discovered between ptrace and utrace in the kernel. A
local attacker could exploit this to crash the system, leading to a denial
of service. (CVE-2008-2365)
The copy_to_user routine in the kernel did not correctly clear memory
destination addresses when running on 64bit kernels. A local attacker could
exploit this to gain access to sensitive kernel memory, leading to a loss
of privacy. (CVE-2008-2729)
The PPP over L2TP routines in the kernel did not correctly handle certain
mess ...
Description truncated, for more information please check the Reference URL";
tag_summary = "Ubuntu Update for Linux kernel vulnerabilities USN-625-1";
tag_affected = "linux, linux-source-2.6.15/20/22 vulnerabilities on Ubuntu 6.06 LTS ,
Ubuntu 7.04 ,
Ubuntu 7.10 ,
Ubuntu 8.04 LTS";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name: "URL" , value: "http://www.ubuntu.com/usn/usn-625-1/");
script_id(840264);
script_version("$Revision: 7969 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $");
script_tag(name:"creation_date", value:"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "USN", value: "625-1");
script_cve_id("CVE-2007-6282", "CVE-2007-6712", "CVE-2008-0598", "CVE-2008-1615", "CVE-2008-1673", "CVE-2008-2136", "CVE-2008-2137", "CVE-2008-2148", "CVE-2008-2358", "CVE-2008-2365", "CVE-2008-2729", "CVE-2008-2750", "CVE-2008-2826");
script_name( "Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages");
script_tag(name : "summary" , value : tag_summary);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-deb.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "UBUNTU6.06 LTS")
{
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-52-386_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-52-686_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-52-k7_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-52-server-bigiron_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-52-server_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.15-52_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-52-386_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-52-686_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-52-k7_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-52-server-bigiron_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.15-52-server_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-doc", ver:"2.6.15_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-source", ver:"2.6.15_2.6.15-52.69", rls:"UBUNTU6.06 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU7.04")
{
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-17-386_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-17-generic_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-17-lowlatency_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-17-server-bigiron_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-17-server_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.20-17_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-17-386_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-17-generic_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-17-server-bigiron_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-17-server_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-17-386_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-17-generic_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-17-server-bigiron_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-17-server_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.20-17-lowlatency_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.20-17-lowlatency_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-doc", ver:"2.6.20_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-source", ver:"2.6.20_2.6.20-17.37", rls:"UBUNTU7.04")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU8.04 LTS")
{
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19-386_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19-generic_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19-openvz_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19-rt_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19-server_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19-virtual_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19-xen_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.24-19-386_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.24-19-generic_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.24-19-server_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.24-19-virtual_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.24-19-386_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.24-19-generic_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.24-19-server_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.24-19-virtual_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.24-19-openvz_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.24-19-rt_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.24-19-xen_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-doc", ver:"2.6.24_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.24-19_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-source", ver:"2.6.24_2.6.24-19.36", rls:"UBUNTU8.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "UBUNTU7.10")
{
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15-386_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15-generic_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15-rt_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15-server_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15-ume_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15-virtual_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15-xen_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.22-15-386_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.22-15-generic_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.22-15-server_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.22-15-virtual_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.22-15-386_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.22-15-generic_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.22-15-server_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-debug", ver:"2.6.22-15-virtual_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-libc-dev", ver:"2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.22-15-rt_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.22-15-ume_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image", ver:"2.6.22-15-xen_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-doc", ver:"2.6.22_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-headers", ver:"2.6.22-15_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-kernel-devel", ver:"2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-source", ver:"2.6.22_2.6.22-15.56", rls:"UBUNTU7.10")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}