Vulnerabilities > CVE-2004-1069

047910
CVSS 1.2 - LOW
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
high complexity
linux
ubuntu
nessus

Summary

Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-38-1.NASL
    descriptionCAN-2004-0814 : Vitaly V. Bursov discovered a Denial of Service vulnerability in the
    last seen2020-06-01
    modified2020-06-02
    plugin id20654
    published2006-01-15
    reporterUbuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/20654
    titleUbuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-38-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-38-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(20654);
      script_version("1.16");
      script_cvs_date("Date: 2019/08/02 13:33:00");
    
      script_cve_id("CVE-2004-0814", "CVE-2004-1016", "CVE-2004-1056", "CVE-2004-1058", "CVE-2004-1068", "CVE-2004-1069", "CVE-2004-1137", "CVE-2004-1151");
      script_xref(name:"USN", value:"38-1");
    
      script_name(english:"Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-38-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "CAN-2004-0814 :
    
    Vitaly V. Bursov discovered a Denial of Service vulnerability in the
    'serio' code; opening the same tty device twice and doing some
    particular operations on it caused a kernel panic and/or a system
    lockup. 
    
    Fixing this vulnerability required a change in the
    Application Binary Interface (ABI) of the kernel. This means
    that third-party user installed modules might not work any
    more with the new kernel, so this fixed kernel got a new ABI
    version number. You have to recompile and reinstall all
    third-party modules.
    
    CAN-2004-1016 :
    
    Paul Starzetz discovered a buffer overflow vulnerability in the
    '__scm_send' function which handles the sending of UDP network
    packets. A wrong validity check of the cmsghdr structure allowed a
    local attacker to modify kernel memory, thus causing an endless loop
    (Denial of Service) or possibly even root privilege escalation.
    
    CAN-2004-1056 :
    
    Thomas Hellstrom discovered a Denial of Service vulnerability in the
    Direct Rendering Manager (DRM) drivers. Due to an insufficient DMA
    lock checking, any authorized client could send arbitrary values to
    the video card, which could cause an X server crash or modification of
    the video output.
    
    CAN-2004-1058 :
    
    Rob Landley discovered a race condition in the handling of
    /proc/.../cmdline. Under very rare circumstances an user could read
    the environment variables of another process that was still spawning.
    Environment variables are often used to pass passwords and other
    private information to other processes.
    
    CAN-2004-1068 :
    
    A race condition was discovered in the handling of AF_UNIX network
    packets. This reportedly allowed local users to modify arbitrary
    kernel memory, facilitating privilege escalation, or possibly allowing
    code execution in the context of the kernel.
    
    CAN-2004-1069 :
    
    Ross Kendall Axe discovered a possible kernel panic (causing a Denial
    of Service) while sending AF_UNIX network packages if the kernel
    options CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX are
    enabled. This is not the case in the kernel packages shipped in Warty
    Warthog; however, if you recompiled the kernel using SELinux, you are
    affected by this flaw.
    
    CAN-2004-1137 :
    
    Paul Starzetz discovered several flaws in the IGMP handling code. This
    allowed users to provoke a Denial of Service, read kernel memory, and
    execute arbitrary code with root privileges. This flaw is also
    exploitable remotely if an application has bound a multicast socket.
    
    CAN-2004-1151 :
    
    Jeremy Fitzhardinge discovered two buffer overflows in the
    sys32_ni_syscall() and sys32_vm86_warning() functions. This could
    possibly be exploited to overwrite kernel memory with
    attacker-supplied code and cause root privilege escalation. 
    
    This vulnerability only affects the amd64 architecture.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fglrx-control");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fglrx-driver");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fglrx-driver-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.8.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.8.1-4-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.8.1-4-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-patch-debian-2.6.8.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6.8.1-4-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.8.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tree-2.6.8.1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2004/12/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2004-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! ereg(pattern:"^(4\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"4.10", pkgname:"fglrx-control", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"fglrx-driver", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"fglrx-driver-dev", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-386", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-686", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-686-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-amd64-generic", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-amd64-k8", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-amd64-k8-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-amd64-xeon", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-doc", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-doc-2.6.8.1", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6-386", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6-686", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6-686-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6-amd64-generic", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6-amd64-k8", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6-amd64-k8-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6-amd64-xeon", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4-386", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4-686", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4-686-smp", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4-amd64-generic", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4-amd64-k8", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4-amd64-k8-smp", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-headers-2.6.8.1-4-amd64-xeon", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6-386", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6-686", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6-686-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6-amd64-generic", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6-amd64-k8", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6-amd64-k8-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6-amd64-xeon", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6.8.1-4-386", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6.8.1-4-686", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6.8.1-4-686-smp", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6.8.1-4-amd64-generic", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6.8.1-4-amd64-k8", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6.8.1-4-amd64-k8-smp", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-2.6.8.1-4-amd64-xeon", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-386", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-686", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-686-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-amd64-generic", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-amd64-k8", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-amd64-k8-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-image-amd64-xeon", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-patch-debian-2.6.8.1", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6-386", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6-686", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6-686-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6-amd64-generic", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6-amd64-k8", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6-amd64-k8-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6-amd64-xeon", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6.8.1-4-386", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6.8.1-4-686", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6.8.1-4-686-smp", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6.8.1-4-amd64-generic", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6.8.1-4-amd64-k8", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6.8.1-4-amd64-k8-smp", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-2.6.8.1-4-amd64-xeon", pkgver:"2.6.8.1.3-5")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-386", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-686", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-686-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-amd64-generic", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-amd64-k8", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-amd64-k8-smp", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-restricted-modules-amd64-xeon", pkgver:"2.6.8.1-14")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-source-2.6.8.1", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"linux-tree-2.6.8.1", pkgver:"2.6.8.1-16.3")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"nvidia-glx", pkgver:"1.0.6111-1ubuntu8")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"nvidia-glx-dev", pkgver:"1.0.6111-1ubuntu8")) flag++;
    if (ubuntu_check(osver:"4.10", pkgname:"nvidia-kernel-source", pkgver:"1.0.6111-1ubuntu8")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "fglrx-control / fglrx-driver / fglrx-driver-dev / linux-386 / etc");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2005-022.NASL
    descriptionA number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with this advisory : - Multiple race conditions in the terminal layer of 2.4 and 2.6 kernels (prior to 2.6.9) can allow a local attacker to obtain portions of kernel data or allow remote attackers to cause a kernel panic by switching from console to PPP line discipline, then quickly sending data that is received during the switch (CVE-2004-0814) - Richard Hart found an integer underflow problem in the iptables firewall logging rules that can allow a remote attacker to crash the machine by using a specially crafted IP packet. This is only possible, however, if firewalling is enabled. The problem only affects 2.6 kernels and was fixed upstream in 2.6.8 (CVE-2004-0816) - Stefan Esser found several remote DoS confitions in the smbfs file system. This could be exploited by a hostile SMB server (or an attacker injecting packets into the network) to crash the client systems (CVE-2004-0883 and CVE-2004-0949) - Paul Starzetz and Georgi Guninski reported, independently, that bad argument handling and bad integer arithmetics in the IPv4 sendmsg handling of control messages could lead to a local attacker crashing the machine. The fixes were done by Herbert Xu (CVE-2004-1016) - Rob Landley discovered a race condition in the handling of /proc/.../cmdline where, under rare circumstances, a user could read the environment variables of another process that was still spawning leading to the potential disclosure of sensitive information such as passwords (CVE-2004-1058) - Paul Starzetz reported that the missing serialization in unix_dgram_recvmsg() which was added to kernel 2.4.28 can be used by a local attacker to gain elevated (root) privileges (CVE-2004-1068) - Ross Kendall Axe discovered a possible kernel panic (DoS) while sending AF_UNIX network packets if certain SELinux-related kernel options were enabled. By default the CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX options are not enabled (CVE-2004-1069) - Paul Starzetz of isec.pl discovered several issues with the error handling of the ELF loader routines in the kernel. The fixes were provided by Chris Wright (CVE-2004-1070, CVE-2004-1071, CVE-2004-1072, CVE-2004-1073) - It was discovered that hand-crafted a.out binaries could be used to trigger a local DoS condition in both the 2.4 and 2.6 kernels. The fixes were done by Chris Wright (CVE-2004-1074) - Paul Starzetz found bad handling in the IGMP code which could lead to a local attacker being able to crash the machine. The fix was done by Chris Wright (CVE-2004-1137) - Jeremy Fitzhardinge discovered two buffer overflows in the sys32_ni_syscall() and sys32_vm86_warning() functions that could be used to overwrite kernel memory with attacker-supplied code resulting in privilege escalation (CVE-2004-1151) - Paul Starzetz found locally exploitable flaws in the binary format loader
    last seen2020-06-01
    modified2020-06-02
    plugin id16259
    published2005-01-26
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16259
    titleMandrake Linux Security Advisory : kernel (MDKSA-2005:022)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2005:022. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16259);
      script_version ("1.20");
      script_cvs_date("Date: 2019/08/02 13:32:47");
    
      script_cve_id("CVE-2004-0814", "CVE-2004-0816", "CVE-2004-0883", "CVE-2004-0949", "CVE-2004-1016", "CVE-2004-1057", "CVE-2004-1058", "CVE-2004-1068", "CVE-2004-1069", "CVE-2004-1070", "CVE-2004-1071", "CVE-2004-1072", "CVE-2004-1073", "CVE-2004-1074", "CVE-2004-1137", "CVE-2004-1151", "CVE-2004-1191", "CVE-2004-1235", "CVE-2005-0001", "CVE-2005-0003");
      script_xref(name:"MDKSA", value:"2005:022");
    
      script_name(english:"Mandrake Linux Security Advisory : kernel (MDKSA-2005:022)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with
    this advisory :
    
      - Multiple race conditions in the terminal layer of 2.4
        and 2.6 kernels (prior to 2.6.9) can allow a local
        attacker to obtain portions of kernel data or allow
        remote attackers to cause a kernel panic by switching
        from console to PPP line discipline, then quickly
        sending data that is received during the switch
        (CVE-2004-0814)
    
      - Richard Hart found an integer underflow problem in the
        iptables firewall logging rules that can allow a remote
        attacker to crash the machine by using a specially
        crafted IP packet. This is only possible, however, if
        firewalling is enabled. The problem only affects 2.6
        kernels and was fixed upstream in 2.6.8 (CVE-2004-0816)
    
      - Stefan Esser found several remote DoS confitions in the
        smbfs file system. This could be exploited by a hostile
        SMB server (or an attacker injecting packets into the
        network) to crash the client systems (CVE-2004-0883 and
        CVE-2004-0949)
    
      - Paul Starzetz and Georgi Guninski reported,
        independently, that bad argument handling and bad
        integer arithmetics in the IPv4 sendmsg handling of
        control messages could lead to a local attacker crashing
        the machine. The fixes were done by Herbert Xu
        (CVE-2004-1016)
    
      - Rob Landley discovered a race condition in the handling
        of /proc/.../cmdline where, under rare circumstances, a
        user could read the environment variables of another
        process that was still spawning leading to the potential
        disclosure of sensitive information such as passwords
        (CVE-2004-1058)
    
      - Paul Starzetz reported that the missing serialization in
        unix_dgram_recvmsg() which was added to kernel 2.4.28
        can be used by a local attacker to gain elevated (root)
        privileges (CVE-2004-1068)
    
      - Ross Kendall Axe discovered a possible kernel panic
        (DoS) while sending AF_UNIX network packets if certain
        SELinux-related kernel options were enabled. By default
        the CONFIG_SECURITY_NETWORK and CONFIG_SECURITY_SELINUX
        options are not enabled (CVE-2004-1069)
    
      - Paul Starzetz of isec.pl discovered several issues with
        the error handling of the ELF loader routines in the
        kernel. The fixes were provided by Chris Wright
        (CVE-2004-1070, CVE-2004-1071, CVE-2004-1072,
        CVE-2004-1073)
    
      - It was discovered that hand-crafted a.out binaries could
        be used to trigger a local DoS condition in both the 2.4
        and 2.6 kernels. The fixes were done by Chris Wright
        (CVE-2004-1074)
    
      - Paul Starzetz found bad handling in the IGMP code which
        could lead to a local attacker being able to crash the
        machine. The fix was done by Chris Wright
        (CVE-2004-1137)
    
      - Jeremy Fitzhardinge discovered two buffer overflows in
        the sys32_ni_syscall() and sys32_vm86_warning()
        functions that could be used to overwrite kernel memory
        with attacker-supplied code resulting in privilege
        escalation (CVE-2004-1151)
    
      - Paul Starzetz found locally exploitable flaws in the
        binary format loader's uselib() function that could be
        abused to allow a local user to obtain root privileges
        (CVE-2004-1235)
    
      - Paul Starzetz found an exploitable flaw in the page
        fault handler when running on SMP machines
        (CVE-2005-0001)
    
      - A vulnerability in insert_vm_struct could allow a locla
        user to trigger BUG() when the user created a large vma
        that overlapped with arg pages during exec
        (CVE-2005-0003)
    
      - Paul Starzetz also found a number of vulnerabilities in
        the kernel binfmt_elf loader that could lead a local
        user to obtain elevated (root) privileges
        (isec-0017-binfmt_elf)
    
    The provided packages are patched to fix these vulnerabilities. All
    users are encouraged to upgrade to these updated kernels.
    
    To update your kernel, please follow the directions located at :
    
    http://www.mandrakesoft.com/security/kernelupdate
    
    PLEASE NOTE: Mandrakelinux 10.0 users will need to upgrade to the
    latest module-init-tools package prior to upgrading their kernel.
    Likewise, MNF8.2 users will need to upgrade to the latest modutils
    package prior to upgrading their kernel."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://isec.pl/en/vulnerabilities/isec-0017-binfmt_elf.txt"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.isec.pl/vulnerabilities/isec-0022-pagefault.txt"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.ussg.iu.edu/hypermail/linux/kernel/0411.1/1222.html"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.4.22.41mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.4.25.13mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.4.28.0.rc1.5mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.6.3.25mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.6.8.1.24mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.22.41mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.25.13mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.28.0.rc1.5mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.3.25mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.8.1.24mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i586-up-1GB-2.4.28.0.rc1.5mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i586-up-1GB-2.6.8.1.24mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.4.22.41mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.4.25.13mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i686-up-4GB-2.6.3.25mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-i686-up-64GB-2.6.8.1.24mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.4.22.41mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.4.25.13mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-p3-smp-64GB-2.6.3.25mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-secure-2.4.22.41mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-secure-2.6.3.25mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-secure-2.6.8.1.24mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.4.22.41mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.4.25.13mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.4.28.0.rc1.5mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.6.3.25mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-smp-2.6.8.1.24mdk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-2.4");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-2.6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-stripped");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-stripped-2.6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:module-init-tools");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/01/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/01/26");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK10.0", reference:"kernel-2.4.25.13mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", reference:"kernel-2.6.3.25mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-enterprise-2.4.25.13mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-enterprise-2.6.3.25mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-i686-up-4GB-2.4.25.13mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-i686-up-4GB-2.6.3.25mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-p3-smp-64GB-2.4.25.13mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"kernel-p3-smp-64GB-2.6.3.25mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", reference:"kernel-secure-2.6.3.25mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", reference:"kernel-smp-2.4.25.13mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", reference:"kernel-smp-2.6.3.25mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", reference:"kernel-source-2.4.25-13mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", reference:"kernel-source-stripped-2.6.3-25mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", reference:"module-init-tools-3.0-1.2.1.100mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK10.1", reference:"kernel-2.4.28.0.rc1.5mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"kernel-2.6.8.1.24mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"kernel-enterprise-2.4.28.0.rc1.5mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"kernel-enterprise-2.6.8.1.24mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"kernel-i586-up-1GB-2.4.28.0.rc1.5mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"kernel-i586-up-1GB-2.6.8.1.24mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"kernel-i686-up-64GB-2.6.8.1.24mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"kernel-secure-2.6.8.1.24mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"kernel-smp-2.4.28.0.rc1.5mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"kernel-smp-2.6.8.1.24mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"kernel-source-2.4-2.4.28-0.rc1.5mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"kernel-source-2.6-2.6.8.1-24mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"kernel-source-stripped-2.6-2.6.8.1-24mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.2", reference:"kernel-2.4.22.41mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"kernel-enterprise-2.4.22.41mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"kernel-i686-up-4GB-2.4.22.41mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"kernel-p3-smp-64GB-2.4.22.41mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", reference:"kernel-secure-2.4.22.41mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", reference:"kernel-smp-2.4.22.41mdk-1-1mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", reference:"kernel-source-2.4.22-41mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");