Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:850086HistoryJan 28, 2009 - 12:00 a.m.
SuSE Update for kernel SUSE-SA:2007:064
2009-01-2800:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
24
0.144 Low
EPSS
Percentile
95.8%
Check for the Version of kernel
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_suse_2007_064.nasl 8050 2017-12-08 09:34:29Z santu $
#
# SuSE Update for kernel SUSE-SA:2007:064
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "This kernel update fixes the following security problems:
- CVE-2007-3104: The sysfs_readdir function in the Linux kernel 2.6
allows local users to cause a denial of service (kernel OOPS)
by dereferencing a null pointer to an inode in a dentry.
- CVE-2007-4997: A 2 byte buffer underflow in the ieee80211 stack
was fixed, which might be used by attackers in the local WLAN reach
to crash the machine.
- CVE-2007-3740: The CIFS filesystem, when Unix extension support is
enabled, did not honor the umask of a process, which allowed local
users to gain privileges.
- CVE-2007-4573: It was possible for local user to become root by
exploiting a bug in the IA32 system call emulation. This problem
affects the x86_64 platform only, on all distributions.
This problem was fixed for regular kernels, but had not been fixed
for the XEN kernels. This update fixes the problem also for the
XEN kernels.
- CVE-2007-4308: The (1) aac_cfg_open and (2) aac_compat_ioctl
functions in the SCSI layer ioctl path in aacraid did not check
permissions for ioctls, which might have allowed local users to
cause a denial of service or gain privileges.
- CVE-2007-3843: The Linux kernel checked the wrong global variable
for the CIFS sec mount option, which might allow remote attackers to
spoof CIFS network traffic that the client configured for security
signatures, as demonstrated by lack of signing despite sec=ntlmv2i
in a SetupAndX request.
- CVE-2007-5904: Multiple buffer overflows in CIFS VFS in the Linux
kernel allowed remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via long SMB responses that
trigger the overflows in the SendReceive function.
This requires the attacker to mis-present / replace a CIFS server
the client machine is connected to.
Also the exploitability of this problem is not known.
- CVE-2007-6063: Buffer overflow in the isdn_net_setcfg function in
isdn_net.c in the Linux kernel allowed local users to have an
unknown impact via a crafted argument to the isdn_ioctl function.
and the following non security bugs:
- patches.drivers/pci-delete-ACPI-hook-from-pci_set_power_state.patch:
Delete ACPI hook from pci_set_power_state() [#162320]
Still execute the ...
Description truncated, for more information please check the Reference URL";
tag_impact = "remote denial of service";
tag_affected = "kernel on SUSE LINUX 10.1, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_id(850086);
script_version("$Revision: 8050 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $");
script_tag(name:"creation_date", value:"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "SUSE-SA", value: "2007-064");
script_cve_id("CVE-2007-3104", "CVE-2007-3740", "CVE-2007-3843", "CVE-2007-4308", "CVE-2007-4573", "CVE-2007-4997", "CVE-2007-5904", "CVE-2007-6063");
script_name( "SuSE Update for kernel SUSE-SA:2007:064");
script_summary("Check for the Version of kernel");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "LES10SP1")
{
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xenpae", rpm:"kernel-xenpae~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-bigsmp-debuginfo", rpm:"kernel-bigsmp-debuginfo~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xenpae-debuginfo", rpm:"kernel-xenpae-debuginfo~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-bigsmp", rpm:"kernel-bigsmp~2.6.16.54~0.2.3", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLESDK10SP1")
{
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xenpae", rpm:"kernel-xenpae~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-bigsmp-debuginfo", rpm:"kernel-bigsmp-debuginfo~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xenpae-debuginfo", rpm:"kernel-xenpae-debuginfo~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-bigsmp", rpm:"kernel-bigsmp~2.6.16.54~0.2.3", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLESDk10SP1")
{
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug-debuginfo", rpm:"kernel-debug-debuginfo~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default-debuginfo", rpm:"kernel-default-debuginfo~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-smp-debuginfo", rpm:"kernel-smp-debuginfo~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source-debuginfo", rpm:"kernel-source-debuginfo~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen-debuginfo", rpm:"kernel-xen-debuginfo~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.16.54~0.2.3", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SL10.1")
{
if ((res = isrpmvuln(pkg:"kernel-bigsmp", rpm:"kernel-bigsmp~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-debug", rpm:"kernel-debug~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-default", rpm:"kernel-default~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-kdump", rpm:"kernel-kdump~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-smp", rpm:"kernel-smp~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-syms", rpm:"kernel-syms~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-um", rpm:"kernel-um~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xen", rpm:"kernel-xen~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-xenpae", rpm:"kernel-xenpae~2.6.16.54~0.2.3", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
References
Related
nessus
nessus
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4745)
2012-05-17 00:00:00
SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 4741)
2007-12-13 00:00:00
openSUSE 10 Security Update : kernel (kernel-4752)
2008-01-08 00:00:00
suse
suse
remote denial of service in kernel
2007-12-04 11:58:44
local privilege escalation in kernel
2008-02-07 11:18:53
remote denial of service in kernel
2008-03-28 14:11:32
openvas
openvas
Debian Security Advisory DSA 1428-2 (linux-2.6)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1428-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1428-1 (linux-2.6)
2008-01-31 00:00:00
debian
debian
osv
osv
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2007-12-11 00:00:00
fai-kernels linux-2.6 user-mode-linux - several vulnerabilities
2007-09-28 00:00:00
linux-2.6
2007-08-31 00:00:00
securityvulns
securityvulns
Linux kernel multiple security vulnrabilities
2008-01-13 00:00:00
oraclelinux
oraclelinux
Important: kernel security update
2007-09-28 00:00:00
Important: kernel security and bug fix update
2008-01-24 00:00:00
Important: kernel security update
2007-11-02 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2007-08-31 00:00:00
Linux kernel vulnerabilities
2007-08-30 00:00:00
centos
centos
kernel security update
2008-03-16 01:40:23
kernel security update
2008-01-24 00:20:48
kernel security update
2007-11-03 02:32:41
prion
prion
Buffer overflow
2007-11-09 18:46:00
Buffer overflow
2007-11-21 00:46:00
Path traversal
2007-08-13 21:17:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:24:23
Buffer Overflow
2020-04-10 00:21:38
Privilege Escalation
2020-04-10 00:21:25
redhat
redhat
(RHSA-2008:0089) Important: kernel security and bug fix update
2008-01-23 00:00:00
(RHSA-2008:0167) Moderate: kernel security and bug fix update
2008-03-14 00:00:00
(RHSA-2007:0939) Important: kernel security update
2007-11-01 00:00:00
cve
cve
ubuntucve
ubuntucve
cvelist
cvelist
nvd
nvd
seebug
seebug
Linux Kernel ISDN_Net.C本地缓冲区溢出漏洞
2007-12-04 00:00:00
Linux Kernel CIFS transport.c文件远程缓冲区溢出漏洞
2007-11-17 00:00:00
Linux Kernel IEEE80211 HDRLen处理远程拒绝服务漏洞
2007-11-09 00:00:00
f5
f5
SOL8924 - Linux kernel vulnerability CVE-2007-3843
2008-06-30 00:00:00
K8924 : Linux kernel vulnerability CVE-2007-3843
2013-03-18 00:00:00
K8921 : Linux kernel vulnerability CVE-2007-3740
2013-03-18 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: kernel-2.6.22.7-85.fc7
2007-09-25 15:44:20