Vulnerabilities > CVE-2005-4881 - Information Exposure vulnerability in Linux Kernel

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_fill_node, (3) neightbl_fill_info, (4) neightbl_fill_param_info, (5) neigh_fill_info, (6) rtnetlink_fill_ifinfo, (7) rtnetlink_fill_iwinfo, (8) vif_delete, (9) ipmr_destroy_unres, (10) ipmr_cache_alloc_unres, (11) ipmr_cache_resolve, (12) inet6_fill_ifinfo, (13) tca_get_fill, (14) tca_action_flush, (15) tcf_add_notify, (16) tc_dump_action, (17) cbq_dump_police, (18) __nlmsg_put, (19) __rta_fill, (20) __rta_reserve, (21) inet6_fill_prefix, (22) rsvp_dump, and (23) cbq_dump_ovl functions.

Vulnerable Configurations

Part Description Count
OS
Linux
97

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-1522.NASL
    descriptionFrom Red Hat Security Advisory 2009:1522 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * multiple, missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2005-4881, CVE-2009-3228, Moderate) This update also fixes the following bugs : * a packet duplication issue was fixed via the RHSA-2008:0665 update; however, the fix introduced a problem for systems using network bonding: Backup slaves were unable to receive ARP packets. When using network bonding in the
    last seen2020-06-01
    modified2020-06-02
    plugin id67945
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67945
    titleOracle Linux 4 : kernel (ELSA-2009-1522)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2009:1522 and 
    # Oracle Linux Security Advisory ELSA-2009-1522 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(67945);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:08");
    
      script_cve_id("CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612");
      script_bugtraq_id(36304);
      script_xref(name:"RHSA", value:"2009:1522");
    
      script_name(english:"Oracle Linux 4 : kernel (ELSA-2009-1522)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Oracle Linux host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "From Red Hat Security Advisory 2009:1522 :
    
    Updated kernel packages that fix multiple security issues and several
    bugs are now available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having moderate security impact by the
    Red Hat Security Response Team.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    This update fixes the following security issues :
    
    * multiple, missing initialization flaws were found in the Linux
    kernel. Padding data in several core network structures was not
    initialized properly before being sent to user-space. These flaws
    could lead to information leaks. (CVE-2005-4881, CVE-2009-3228,
    Moderate)
    
    This update also fixes the following bugs :
    
    * a packet duplication issue was fixed via the RHSA-2008:0665 update;
    however, the fix introduced a problem for systems using network
    bonding: Backup slaves were unable to receive ARP packets. When using
    network bonding in the 'active-backup' mode and with the
    'arp_validate=3' option, the bonding driver considered such backup
    slaves as being down (since they were not receiving ARP packets),
    preventing successful failover to these devices. (BZ#519384)
    
    * due to insufficient memory barriers in the network code, a process
    sleeping in select() may have missed notifications about new data. In
    rare cases, this bug may have caused a process to sleep forever.
    (BZ#519386)
    
    * the driver version number in the ata_piix driver was not changed
    between Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8,
    even though changes had been made between these releases. This could
    have prevented the driver from loading on systems that check driver
    versions, as this driver appeared older than it was. (BZ#519389)
    
    * a bug in nlm_lookup_host() could have led to un-reclaimed locks on
    file systems, resulting in the umount command failing. This bug could
    have also prevented NFS services from being relocated correctly in
    clustered environments. (BZ#519656)
    
    * the data buffer ethtool_get_strings() allocated, for the igb driver,
    was smaller than the amount of data that was copied in
    igb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN,
    resulting in memory corruption. This bug could have led to a kernel
    panic. (BZ#522738)
    
    * in some situations, write operations to a TTY device were blocked
    even when the O_NONBLOCK flag was used. A reported case of this issue
    occurred when a single TTY device was opened by two users (one using
    blocking mode, and the other using non-blocking mode). (BZ#523930)
    
    * a deadlock was found in the cciss driver. In rare cases, this caused
    an NMI lockup during boot. Messages such as 'cciss: controller
    cciss[x] failed, stopping.' and 'cciss[x]: controller not responding.'
    may have been displayed on the console. (BZ#525725)
    
    * on 64-bit PowerPC systems, a rollover bug in the ibmveth driver
    could have caused a kernel panic. In a reported case, this panic
    occurred on a system with a large uptime and under heavy network load.
    (BZ#527225)
    
    Users should upgrade to these updated packages, which contain
    backported patches to correct these issues. The system must be
    rebooted for this update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://oss.oracle.com/pipermail/el-errata/2009-October/001211.html"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected kernel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-hugemem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-hugemem-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-largesmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-largesmp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-smp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-xenU");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-xenU-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/10/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/10/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Oracle Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
    os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 4", "Oracle Linux " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612");  
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for ELSA-2009-1522");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    kernel_major_minor = get_kb_item("Host/uname/major_minor");
    if (empty_or_null(kernel_major_minor)) exit(1, "Unable to determine kernel major-minor level.");
    expected_kernel_major_minor = "2.6";
    if (kernel_major_minor != expected_kernel_major_minor)
      audit(AUDIT_OS_NOT, "running kernel level " + expected_kernel_major_minor + ", it is running kernel level " + kernel_major_minor);
    
    flag = 0;
    if (rpm_exists(release:"EL4", rpm:"kernel-2.6.9") && rpm_check(release:"EL4", reference:"kernel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-devel-2.6.9") && rpm_check(release:"EL4", reference:"kernel-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-doc-2.6.9") && rpm_check(release:"EL4", reference:"kernel-doc-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-hugemem-2.6.9") && rpm_check(release:"EL4", cpu:"i386", reference:"kernel-hugemem-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-hugemem-devel-2.6.9") && rpm_check(release:"EL4", cpu:"i386", reference:"kernel-hugemem-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-largesmp-2.6.9") && rpm_check(release:"EL4", cpu:"ia64", reference:"kernel-largesmp-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-largesmp-2.6.9") && rpm_check(release:"EL4", cpu:"x86_64", reference:"kernel-largesmp-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-largesmp-devel-2.6.9") && rpm_check(release:"EL4", cpu:"ia64", reference:"kernel-largesmp-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-largesmp-devel-2.6.9") && rpm_check(release:"EL4", cpu:"x86_64", reference:"kernel-largesmp-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-smp-2.6.9") && rpm_check(release:"EL4", cpu:"i386", reference:"kernel-smp-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-smp-2.6.9") && rpm_check(release:"EL4", cpu:"x86_64", reference:"kernel-smp-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-smp-devel-2.6.9") && rpm_check(release:"EL4", cpu:"i386", reference:"kernel-smp-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-smp-devel-2.6.9") && rpm_check(release:"EL4", cpu:"x86_64", reference:"kernel-smp-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-xenU-2.6.9") && rpm_check(release:"EL4", cpu:"i386", reference:"kernel-xenU-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-xenU-2.6.9") && rpm_check(release:"EL4", cpu:"x86_64", reference:"kernel-xenU-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-xenU-devel-2.6.9") && rpm_check(release:"EL4", cpu:"i386", reference:"kernel-xenU-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    if (rpm_exists(release:"EL4", rpm:"kernel-xenU-devel-2.6.9") && rpm_check(release:"EL4", cpu:"x86_64", reference:"kernel-xenU-devel-2.6.9-89.0.15.0.1.EL")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "affected kernel");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-329.NASL
    descriptionSome vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddpN device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903) Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547) The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612) net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621) Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. (CVE-2009-3638) The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. (CVE-2009-3726) The ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel 2.6.32-rc8, and possibly earlier versions, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function. (CVE-2009-1298) To update your kernel, please follow the directions located at : http://www.mandriva.com/en/security/kernelupdate
    last seen2020-06-01
    modified2020-06-02
    plugin id48161
    published2010-07-30
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/48161
    titleMandriva Linux Security Advisory : kernel (MDVSA-2009:329)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2009:329. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(48161);
      script_version("1.30");
      script_cvs_date("Date: 2019/08/02 13:32:52");
    
      script_cve_id("CVE-2009-1298", "CVE-2009-2903", "CVE-2009-3547", "CVE-2009-3612", "CVE-2009-3621", "CVE-2009-3638", "CVE-2009-3726", "CVE-2009-4131");
      script_bugtraq_id(36379, 36723, 36803, 36827, 36901, 36936);
      script_xref(name:"MDVSA", value:"2009:329");
    
      script_name(english:"Mandriva Linux Security Advisory : kernel (MDVSA-2009:329)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Some vulnerabilities were discovered and corrected in the Linux 2.6
    kernel :
    
    Memory leak in the appletalk subsystem in the Linux kernel 2.4.x
    through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and
    ipddp modules are loaded but the ipddpN device is not found, allows
    remote attackers to cause a denial of service (memory consumption) via
    IP-DDP datagrams. (CVE-2009-2903)
    
    Multiple race conditions in fs/pipe.c in the Linux kernel before
    2.6.32-rc6 allow local users to cause a denial of service (NULL
    pointer dereference and system crash) or gain privileges by attempting
    to open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547)
    
    The tcf_fill_node function in net/sched/cls_api.c in the netlink
    subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6
    and earlier, does not initialize a certain tcm__pad2 structure member,
    which might allow local users to obtain sensitive information from
    kernel memory via unspecified vectors. NOTE: this issue exists because
    of an incomplete fix for CVE-2005-4881. (CVE-2009-3612)
    
    net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows
    local users to cause a denial of service (system hang) by creating an
    abstract-namespace AF_UNIX listening socket, performing a shutdown
    operation on this socket, and then performing a series of connect
    operations to this socket. (CVE-2009-3621)
    
    Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in
    arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before
    2.6.31.4 allows local users to have an unspecified impact via a
    KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.
    (CVE-2009-3638)
    
    The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client
    in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to
    cause a denial of service (NULL pointer dereference and panic) by
    sending a certain response containing incorrect file attributes, which
    trigger attempted use of an open file that lacks NFSv4 state.
    (CVE-2009-3726)
    
    The ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel
    2.6.32-rc8, and possibly earlier versions, calls IP_INC_STATS_BH with
    an incorrect argument, which allows remote attackers to cause a denial
    of service (NULL pointer dereference and hang) via long IP packets,
    possibly related to the ip_defrag function. (CVE-2009-1298)
    
    To update your kernel, please follow the directions located at :
    
    http://www.mandriva.com/en/security/kernelupdate"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(119, 189, 200, 264, 362, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:broadcom-wl-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:em8300-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-2.6.29.6-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-2.6.31.6-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libafs-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadditions-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-desktop-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-desktop586-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.29.6-server-3mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-desktop-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-desktop586-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.31.6-server-1mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2010.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/12/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2009.1", reference:"broadcom-wl-kernel-2.6.29.6-desktop-3mnb-5.10.79.10-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"broadcom-wl-kernel-2.6.29.6-desktop586-3mnb-5.10.79.10-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"broadcom-wl-kernel-2.6.29.6-server-3mnb-5.10.79.10-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"broadcom-wl-kernel-desktop-latest-5.10.79.10-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"broadcom-wl-kernel-desktop586-latest-5.10.79.10-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"broadcom-wl-kernel-server-latest-5.10.79.10-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"em8300-kernel-2.6.29.6-desktop-3mnb-0.17.2-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"em8300-kernel-2.6.29.6-desktop586-3mnb-0.17.2-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"em8300-kernel-2.6.29.6-server-3mnb-0.17.2-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"em8300-kernel-desktop-latest-0.17.2-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"em8300-kernel-desktop586-latest-0.17.2-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"em8300-kernel-server-latest-0.17.2-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"fcpci-kernel-2.6.29.6-desktop-3mnb-3.11.07-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"fcpci-kernel-2.6.29.6-desktop586-3mnb-3.11.07-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"fcpci-kernel-2.6.29.6-server-3mnb-3.11.07-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"fcpci-kernel-desktop-latest-3.11.07-1.20091209.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"fcpci-kernel-desktop586-latest-3.11.07-1.20091209.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"fcpci-kernel-server-latest-3.11.07-1.20091209.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.29.6-desktop-3mnb-1.18-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.29.6-desktop586-3mnb-1.18-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.29.6-server-3mnb-1.18-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hcfpcimodem-kernel-desktop-latest-1.18-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hcfpcimodem-kernel-desktop586-latest-1.18-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hcfpcimodem-kernel-server-latest-1.18-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"hsfmodem-kernel-2.6.29.6-desktop-3mnb-7.80.02.03-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hsfmodem-kernel-2.6.29.6-desktop586-3mnb-7.80.02.03-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"hsfmodem-kernel-2.6.29.6-server-3mnb-7.80.02.03-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"hsfmodem-kernel-desktop-latest-7.80.02.03-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"hsfmodem-kernel-desktop586-latest-7.80.02.03-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"hsfmodem-kernel-server-latest-7.80.02.03-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-desktop-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-desktop-devel-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-desktop-devel-latest-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-desktop-latest-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"kernel-desktop586-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"kernel-desktop586-devel-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"kernel-desktop586-devel-latest-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"kernel-desktop586-latest-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-doc-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-server-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-server-devel-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-server-devel-latest-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-server-latest-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-source-2.6.29.6-3mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"kernel-source-latest-2.6.29.6-3mnb2")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"libafs-kernel-2.6.29.6-desktop-3mnb-1.4.10-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libafs-kernel-2.6.29.6-desktop586-3mnb-1.4.10-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"libafs-kernel-2.6.29.6-server-3mnb-1.4.10-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"libafs-kernel-desktop-latest-1.4.10-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"libafs-kernel-desktop586-latest-1.4.10-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"libafs-kernel-server-latest-1.4.10-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lirc-kernel-2.6.29.6-desktop-3mnb-0.8.5-0.20090320.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"lirc-kernel-2.6.29.6-desktop586-3mnb-0.8.5-0.20090320.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lirc-kernel-2.6.29.6-server-3mnb-0.8.5-0.20090320.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lirc-kernel-desktop-latest-0.8.5-1.20091209.0.20090320.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"lirc-kernel-desktop586-latest-0.8.5-1.20091209.0.20090320.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lirc-kernel-server-latest-0.8.5-1.20091209.0.20090320.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lzma-kernel-2.6.29.6-desktop-3mnb-4.43-27.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"lzma-kernel-2.6.29.6-desktop586-3mnb-4.43-27.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lzma-kernel-2.6.29.6-server-3mnb-4.43-27.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lzma-kernel-desktop-latest-4.43-1.20091209.27.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"lzma-kernel-desktop586-latest-4.43-1.20091209.27.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"lzma-kernel-server-latest-4.43-1.20091209.27.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"madwifi-kernel-2.6.29.6-desktop-3mnb-0.9.4-4.r3998mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"madwifi-kernel-2.6.29.6-desktop586-3mnb-0.9.4-4.r3998mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"madwifi-kernel-2.6.29.6-server-3mnb-0.9.4-4.r3998mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"madwifi-kernel-desktop-latest-0.9.4-1.20091209.4.r3998mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"madwifi-kernel-desktop586-latest-0.9.4-1.20091209.4.r3998mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"madwifi-kernel-server-latest-0.9.4-1.20091209.4.r3998mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia-current-kernel-2.6.29.6-desktop-3mnb-180.51-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"nvidia-current-kernel-2.6.29.6-desktop586-3mnb-180.51-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia-current-kernel-2.6.29.6-server-3mnb-180.51-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia-current-kernel-desktop-latest-180.51-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"nvidia-current-kernel-desktop586-latest-180.51-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia-current-kernel-server-latest-180.51-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia173-kernel-2.6.29.6-desktop-3mnb-173.14.18-2mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"nvidia173-kernel-2.6.29.6-desktop586-3mnb-173.14.18-2mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia173-kernel-2.6.29.6-server-3mnb-173.14.18-2mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia173-kernel-desktop-latest-173.14.18-1.20091209.2mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"nvidia173-kernel-desktop586-latest-173.14.18-1.20091209.2mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia173-kernel-server-latest-173.14.18-1.20091209.2mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia96xx-kernel-2.6.29.6-desktop-3mnb-96.43.11-5mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"nvidia96xx-kernel-2.6.29.6-desktop586-3mnb-96.43.11-5mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia96xx-kernel-2.6.29.6-server-3mnb-96.43.11-5mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia96xx-kernel-desktop-latest-96.43.11-1.20091209.5mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"nvidia96xx-kernel-desktop586-latest-96.43.11-1.20091209.5mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"nvidia96xx-kernel-server-latest-96.43.11-1.20091209.5mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"slmodem-kernel-2.6.29.6-desktop-3mnb-2.9.11-0.20080817.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"slmodem-kernel-2.6.29.6-desktop586-3mnb-2.9.11-0.20080817.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"slmodem-kernel-2.6.29.6-server-3mnb-2.9.11-0.20080817.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"slmodem-kernel-desktop-latest-2.9.11-1.20091209.0.20080817.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"slmodem-kernel-desktop586-latest-2.9.11-1.20091209.0.20080817.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"slmodem-kernel-server-latest-2.9.11-1.20091209.0.20080817.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"vboxadditions-kernel-2.6.29.6-desktop-3mnb-2.2.0-4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vboxadditions-kernel-2.6.29.6-desktop586-3mnb-2.2.0-4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"vboxadditions-kernel-2.6.29.6-server-3mnb-2.2.0-4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"vboxadditions-kernel-desktop-latest-2.2.0-1.20091209.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vboxadditions-kernel-desktop586-latest-2.2.0-1.20091209.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"vboxadditions-kernel-server-latest-2.2.0-1.20091209.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"virtualbox-kernel-2.6.29.6-desktop-3mnb-2.2.0-4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"virtualbox-kernel-2.6.29.6-desktop586-3mnb-2.2.0-4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"virtualbox-kernel-2.6.29.6-server-3mnb-2.2.0-4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"virtualbox-kernel-desktop-latest-2.2.0-1.20091209.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"virtualbox-kernel-desktop586-latest-2.2.0-1.20091209.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", reference:"virtualbox-kernel-server-latest-2.2.0-1.20091209.4mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vpnclient-kernel-2.6.29.6-desktop-3mnb-4.8.02.0030-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"vpnclient-kernel-2.6.29.6-desktop-3mnb-4.8.01.0640-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vpnclient-kernel-2.6.29.6-desktop586-3mnb-4.8.02.0030-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vpnclient-kernel-2.6.29.6-server-3mnb-4.8.02.0030-1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"vpnclient-kernel-2.6.29.6-server-3mnb-4.8.01.0640-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vpnclient-kernel-desktop-latest-4.8.02.0030-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20091209.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vpnclient-kernel-desktop586-latest-4.8.02.0030-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"i386", reference:"vpnclient-kernel-server-latest-4.8.02.0030-1.20091209.1mdv2009.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.1", cpu:"x86_64", reference:"vpnclient-kernel-server-latest-4.8.01.0640-1.20091209.3mdv2009.0", yank:"mdv")) flag++;
    
    if (rpm_check(release:"MDK2010.0", reference:"broadcom-wl-kernel-2.6.31.6-desktop-1mnb-5.10.91.9-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"broadcom-wl-kernel-2.6.31.6-desktop586-1mnb-5.10.91.9-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"broadcom-wl-kernel-2.6.31.6-server-1mnb-5.10.91.9-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"broadcom-wl-kernel-desktop-latest-5.10.91.9-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"broadcom-wl-kernel-desktop586-latest-5.10.91.9-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"broadcom-wl-kernel-server-latest-5.10.91.9-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"em8300-kernel-2.6.31.6-desktop-1mnb-0.17.4-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"em8300-kernel-2.6.31.6-desktop586-1mnb-0.17.4-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"em8300-kernel-2.6.31.6-server-1mnb-0.17.4-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"em8300-kernel-desktop-latest-0.17.4-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"em8300-kernel-desktop586-latest-0.17.4-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"em8300-kernel-server-latest-0.17.4-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"fglrx-kernel-2.6.31.6-desktop-1mnb-8.650-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"fglrx-kernel-2.6.31.6-desktop586-1mnb-8.650-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"fglrx-kernel-2.6.31.6-server-1mnb-8.650-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"fglrx-kernel-desktop-latest-8.650-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"fglrx-kernel-desktop586-latest-8.650-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"fglrx-kernel-server-latest-8.650-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.31.6-desktop-1mnb-1.19-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.31.6-desktop586-1mnb-1.19-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.31.6-server-1mnb-1.19-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hcfpcimodem-kernel-desktop-latest-1.19-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hcfpcimodem-kernel-desktop586-latest-1.19-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hcfpcimodem-kernel-server-latest-1.19-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"hsfmodem-kernel-2.6.31.6-desktop-1mnb-7.80.02.05-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hsfmodem-kernel-2.6.31.6-desktop586-1mnb-7.80.02.05-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"hsfmodem-kernel-2.6.31.6-server-1mnb-7.80.02.05-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"hsfmodem-kernel-desktop-latest-7.80.02.05-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"hsfmodem-kernel-desktop586-latest-7.80.02.05-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"hsfmodem-kernel-server-latest-7.80.02.05-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-desktop-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-desktop-devel-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-desktop-devel-latest-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-desktop-latest-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"kernel-desktop586-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"kernel-desktop586-devel-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"kernel-desktop586-devel-latest-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"kernel-desktop586-latest-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-doc-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-server-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-server-devel-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-server-devel-latest-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-server-latest-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-source-2.6.31.6-1mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"kernel-source-latest-2.6.31.6-1mnb2")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"libafs-kernel-2.6.31.6-desktop-1mnb-1.4.11-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libafs-kernel-2.6.31.6-desktop586-1mnb-1.4.11-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"libafs-kernel-2.6.31.6-server-1mnb-1.4.11-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"libafs-kernel-desktop-latest-1.4.11-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"libafs-kernel-desktop586-latest-1.4.11-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"libafs-kernel-server-latest-1.4.11-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lirc-kernel-2.6.31.6-desktop-1mnb-0.8.6-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"lirc-kernel-2.6.31.6-desktop586-1mnb-0.8.6-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lirc-kernel-2.6.31.6-server-1mnb-0.8.6-2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lirc-kernel-desktop-latest-0.8.6-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"lirc-kernel-desktop586-latest-0.8.6-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lirc-kernel-server-latest-0.8.6-1.20091209.2mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lzma-kernel-2.6.31.6-desktop-1mnb-4.43-28mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"lzma-kernel-2.6.31.6-desktop586-1mnb-4.43-28mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lzma-kernel-2.6.31.6-server-1mnb-4.43-28mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lzma-kernel-desktop-latest-4.43-1.20091209.28mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"lzma-kernel-desktop586-latest-4.43-1.20091209.28mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"lzma-kernel-server-latest-4.43-1.20091209.28mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"madwifi-kernel-2.6.31.6-desktop-1mnb-0.9.4-4.r4068mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"madwifi-kernel-2.6.31.6-desktop586-1mnb-0.9.4-4.r4068mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"madwifi-kernel-2.6.31.6-server-1mnb-0.9.4-4.r4068mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"madwifi-kernel-desktop-latest-0.9.4-1.20091209.4.r4068mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"madwifi-kernel-desktop586-latest-0.9.4-1.20091209.4.r4068mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"madwifi-kernel-server-latest-0.9.4-1.20091209.4.r4068mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia-current-kernel-2.6.31.6-desktop-1mnb-185.18.36-4mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"nvidia-current-kernel-2.6.31.6-desktop586-1mnb-185.18.36-4mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia-current-kernel-2.6.31.6-server-1mnb-185.18.36-4mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia-current-kernel-desktop-latest-185.18.36-1.20091209.4mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"nvidia-current-kernel-desktop586-latest-185.18.36-1.20091209.4mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia-current-kernel-server-latest-185.18.36-1.20091209.4mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia173-kernel-2.6.31.6-desktop-1mnb-173.14.20-7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"nvidia173-kernel-2.6.31.6-desktop586-1mnb-173.14.20-7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia173-kernel-2.6.31.6-server-1mnb-173.14.20-7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia173-kernel-desktop-latest-173.14.20-1.20091209.7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"nvidia173-kernel-desktop586-latest-173.14.20-1.20091209.7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia173-kernel-server-latest-173.14.20-1.20091209.7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia96xx-kernel-2.6.31.6-desktop-1mnb-96.43.13-7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"nvidia96xx-kernel-2.6.31.6-desktop586-1mnb-96.43.13-7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia96xx-kernel-2.6.31.6-server-1mnb-96.43.13-7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia96xx-kernel-desktop-latest-96.43.13-1.20091209.7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"nvidia96xx-kernel-desktop586-latest-96.43.13-1.20091209.7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"nvidia96xx-kernel-server-latest-96.43.13-1.20091209.7mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"slmodem-kernel-2.6.31.6-desktop-1mnb-2.9.11-0.20080817.4.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"slmodem-kernel-2.6.31.6-desktop586-1mnb-2.9.11-0.20080817.4.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"slmodem-kernel-2.6.31.6-server-1mnb-2.9.11-0.20080817.4.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"slmodem-kernel-desktop-latest-2.9.11-1.20091209.0.20080817.4.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"slmodem-kernel-desktop586-latest-2.9.11-1.20091209.0.20080817.4.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"slmodem-kernel-server-latest-2.9.11-1.20091209.0.20080817.4.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"squashfs-lzma-kernel-2.6.31.6-desktop-1mnb-3.3-11mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"squashfs-lzma-kernel-2.6.31.6-desktop586-1mnb-3.3-11mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"squashfs-lzma-kernel-2.6.31.6-server-1mnb-3.3-11mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"squashfs-lzma-kernel-desktop-latest-3.3-1.20091209.11mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"squashfs-lzma-kernel-desktop586-latest-3.3-1.20091209.11mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"squashfs-lzma-kernel-server-latest-3.3-1.20091209.11mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"vboxadditions-kernel-2.6.31.6-desktop-1mnb-3.0.8-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vboxadditions-kernel-2.6.31.6-desktop586-1mnb-3.0.8-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"vboxadditions-kernel-2.6.31.6-server-1mnb-3.0.8-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"vboxadditions-kernel-desktop-latest-3.0.8-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vboxadditions-kernel-desktop586-latest-3.0.8-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"vboxadditions-kernel-server-latest-3.0.8-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"virtualbox-kernel-2.6.31.6-desktop-1mnb-3.0.8-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"virtualbox-kernel-2.6.31.6-desktop586-1mnb-3.0.8-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"virtualbox-kernel-2.6.31.6-server-1mnb-3.0.8-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"virtualbox-kernel-desktop-latest-3.0.8-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"virtualbox-kernel-desktop586-latest-3.0.8-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", reference:"virtualbox-kernel-server-latest-3.0.8-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vpnclient-kernel-2.6.31.6-desktop-1mnb-4.8.02.0030-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vpnclient-kernel-2.6.31.6-desktop586-1mnb-4.8.02.0030-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vpnclient-kernel-2.6.31.6-server-1mnb-4.8.02.0030-1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vpnclient-kernel-desktop-latest-4.8.02.0030-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vpnclient-kernel-desktop586-latest-4.8.02.0030-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2010.0", cpu:"i386", reference:"vpnclient-kernel-server-latest-4.8.02.0030-1.20091209.1mdv2010.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20091022_KERNEL_ON_SL4_X.NASL
    descriptionCVE-2005-4881 kernel: netlink: fix numerous padding memleaks CVE-2009-3228 kernel: tc: uninitialised kernel memory leak This update fixes the following security issues : - multiple, missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2005-4881, CVE-2009-3228, Moderate) This update also fixes the following bugs : - a packet duplication issue was fixed via the RHSA-2008:0665 update; however, the fix introduced a problem for systems using network bonding: Backup slaves were unable to receive ARP packets. When using network bonding in the
    last seen2020-06-01
    modified2020-06-02
    plugin id60682
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60682
    titleScientific Linux Security Update : kernel on SL4.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(60682);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/25 13:36:18");
    
      script_cve_id("CVE-2005-4881", "CVE-2009-3228");
    
      script_name(english:"Scientific Linux Security Update : kernel on SL4.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "CVE-2005-4881 kernel: netlink: fix numerous padding memleaks
    
    CVE-2009-3228 kernel: tc: uninitialised kernel memory leak
    
    This update fixes the following security issues :
    
      - multiple, missing initialization flaws were found in the
        Linux kernel. Padding data in several core network
        structures was not initialized properly before being
        sent to user-space. These flaws could lead to
        information leaks. (CVE-2005-4881, CVE-2009-3228,
        Moderate)
    
    This update also fixes the following bugs :
    
      - a packet duplication issue was fixed via the
        RHSA-2008:0665 update; however, the fix introduced a
        problem for systems using network bonding: Backup slaves
        were unable to receive ARP packets. When using network
        bonding in the 'active-backup' mode and with the
        'arp_validate=3' option, the bonding driver considered
        such backup slaves as being down (since they were not
        receiving ARP packets), preventing successful failover
        to these devices. (BZ#519384)
    
      - due to insufficient memory barriers in the network code,
        a process sleeping in select() may have missed
        notifications about new data. In rare cases, this bug
        may have caused a process to sleep forever. (BZ#519386)
    
      - the driver version number in the ata_piix driver was not
        changed between Scientific Linux 4.7 and Scientific
        Linux 4.8, even though changes had been made between
        these releases. This could have prevented the driver
        from loading on systems that check driver versions, as
        this driver appeared older than it was. (BZ#519389)
    
      - a bug in nlm_lookup_host() could have led to
        un-reclaimed locks on file systems, resulting in the
        umount command failing. This bug could have also
        prevented NFS services from being relocated correctly in
        clustered environments. (BZ#519656)
    
      - the data buffer ethtool_get_strings() allocated, for the
        igb driver, was smaller than the amount of data that was
        copied in igb_get_strings(), because of a miscalculation
        in IGB_QUEUE_STATS_LEN, resulting in memory corruption.
        This bug could have led to a kernel panic. (BZ#522738)
    
      - in some situations, write operations to a TTY device
        were blocked even when the O_NONBLOCK flag was used. A
        reported case of this issue occurred when a single TTY
        device was opened by two users (one using blocking mode,
        and the other using non-blocking mode). (BZ#523930)
    
      - a deadlock was found in the cciss driver. In rare cases,
        this caused an NMI lockup during boot. Messages such as
        'cciss: controller cciss[x] failed, stopping.' and
        'cciss[x]: controller not responding.' may have been
        displayed on the console. (BZ#525725)
    
      - on 64-bit PowerPC systems, a rollover bug in the ibmveth
        driver could have caused a kernel panic. In a reported
        case, this panic occurred on a system with a large
        uptime and under heavy network load. (BZ#527225)
    
    The system must be rebooted for this update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=519384"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=519386"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=519389"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=519656"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=522738"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=523930"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=525725"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=527225"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0910&L=scientific-linux-errata&T=0&P=1943
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?c357124f"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_cwe_id(200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/10/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/10/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL4", reference:"kernel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", reference:"kernel-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", reference:"kernel-doc-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-hugemem-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", cpu:"i386", reference:"kernel-hugemem-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-largesmp-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", cpu:"x86_64", reference:"kernel-largesmp-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", reference:"kernel-smp-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", reference:"kernel-smp-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", reference:"kernel-xenU-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"SL4", reference:"kernel-xenU-devel-2.6.9-89.0.15.EL")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-1522.NASL
    descriptionUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * multiple, missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2005-4881, CVE-2009-3228, Moderate) This update also fixes the following bugs : * a packet duplication issue was fixed via the RHSA-2008:0665 update; however, the fix introduced a problem for systems using network bonding: Backup slaves were unable to receive ARP packets. When using network bonding in the
    last seen2020-06-01
    modified2020-06-02
    plugin id42257
    published2009-10-27
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/42257
    titleCentOS 4 : kernel (CESA-2009:1522)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:1522 and 
    # CentOS Errata and Security Advisory 2009:1522 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42257);
      script_version("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:05");
    
      script_cve_id("CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612");
      script_bugtraq_id(36304);
      script_xref(name:"RHSA", value:"2009:1522");
    
      script_name(english:"CentOS 4 : kernel (CESA-2009:1522)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that fix multiple security issues and several
    bugs are now available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having moderate security impact by the
    Red Hat Security Response Team.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    This update fixes the following security issues :
    
    * multiple, missing initialization flaws were found in the Linux
    kernel. Padding data in several core network structures was not
    initialized properly before being sent to user-space. These flaws
    could lead to information leaks. (CVE-2005-4881, CVE-2009-3228,
    Moderate)
    
    This update also fixes the following bugs :
    
    * a packet duplication issue was fixed via the RHSA-2008:0665 update;
    however, the fix introduced a problem for systems using network
    bonding: Backup slaves were unable to receive ARP packets. When using
    network bonding in the 'active-backup' mode and with the
    'arp_validate=3' option, the bonding driver considered such backup
    slaves as being down (since they were not receiving ARP packets),
    preventing successful failover to these devices. (BZ#519384)
    
    * due to insufficient memory barriers in the network code, a process
    sleeping in select() may have missed notifications about new data. In
    rare cases, this bug may have caused a process to sleep forever.
    (BZ#519386)
    
    * the driver version number in the ata_piix driver was not changed
    between Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8,
    even though changes had been made between these releases. This could
    have prevented the driver from loading on systems that check driver
    versions, as this driver appeared older than it was. (BZ#519389)
    
    * a bug in nlm_lookup_host() could have led to un-reclaimed locks on
    file systems, resulting in the umount command failing. This bug could
    have also prevented NFS services from being relocated correctly in
    clustered environments. (BZ#519656)
    
    * the data buffer ethtool_get_strings() allocated, for the igb driver,
    was smaller than the amount of data that was copied in
    igb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN,
    resulting in memory corruption. This bug could have led to a kernel
    panic. (BZ#522738)
    
    * in some situations, write operations to a TTY device were blocked
    even when the O_NONBLOCK flag was used. A reported case of this issue
    occurred when a single TTY device was opened by two users (one using
    blocking mode, and the other using non-blocking mode). (BZ#523930)
    
    * a deadlock was found in the cciss driver. In rare cases, this caused
    an NMI lockup during boot. Messages such as 'cciss: controller
    cciss[x] failed, stopping.' and 'cciss[x]: controller not responding.'
    may have been displayed on the console. (BZ#525725)
    
    * on 64-bit PowerPC systems, a rollover bug in the ibmveth driver
    could have caused a kernel panic. In a reported case, this panic
    occurred on a system with a large uptime and under heavy network load.
    (BZ#527225)
    
    Users should upgrade to these updated packages, which contain
    backported patches to correct these issues. The system must be
    rebooted for this update to take effect."
      );
      # https://lists.centos.org/pipermail/centos-announce/2009-October/016196.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?07e2891f"
      );
      # https://lists.centos.org/pipermail/centos-announce/2009-October/016197.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6b4ecd8f"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected kernel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-hugemem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-hugemem-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-largesmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-largesmp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-smp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xenU");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xenU-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/10/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/10/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/27");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-doc-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-doc-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-hugemem-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-hugemem-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-largesmp-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-largesmp-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-smp-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-smp-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-smp-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-smp-devel-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"kernel-xenU-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-xenU-2.6.9-89.0.15.EL")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"kernel-xenU-devel-2.6.9-89.0.15.EL")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-devel / kernel-doc / kernel-hugemem / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1522.NASL
    descriptionUpdated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : * multiple, missing initialization flaws were found in the Linux kernel. Padding data in several core network structures was not initialized properly before being sent to user-space. These flaws could lead to information leaks. (CVE-2005-4881, CVE-2009-3228, Moderate) This update also fixes the following bugs : * a packet duplication issue was fixed via the RHSA-2008:0665 update; however, the fix introduced a problem for systems using network bonding: Backup slaves were unable to receive ARP packets. When using network bonding in the
    last seen2020-06-01
    modified2020-06-02
    plugin id42216
    published2009-10-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/42216
    titleRHEL 4 : kernel (RHSA-2009:1522)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:1522. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(42216);
      script_version ("1.25");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612");
      script_bugtraq_id(36304);
      script_xref(name:"RHSA", value:"2009:1522");
    
      script_name(english:"RHEL 4 : kernel (RHSA-2009:1522)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that fix multiple security issues and several
    bugs are now available for Red Hat Enterprise Linux 4.
    
    This update has been rated as having moderate security impact by the
    Red Hat Security Response Team.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    This update fixes the following security issues :
    
    * multiple, missing initialization flaws were found in the Linux
    kernel. Padding data in several core network structures was not
    initialized properly before being sent to user-space. These flaws
    could lead to information leaks. (CVE-2005-4881, CVE-2009-3228,
    Moderate)
    
    This update also fixes the following bugs :
    
    * a packet duplication issue was fixed via the RHSA-2008:0665 update;
    however, the fix introduced a problem for systems using network
    bonding: Backup slaves were unable to receive ARP packets. When using
    network bonding in the 'active-backup' mode and with the
    'arp_validate=3' option, the bonding driver considered such backup
    slaves as being down (since they were not receiving ARP packets),
    preventing successful failover to these devices. (BZ#519384)
    
    * due to insufficient memory barriers in the network code, a process
    sleeping in select() may have missed notifications about new data. In
    rare cases, this bug may have caused a process to sleep forever.
    (BZ#519386)
    
    * the driver version number in the ata_piix driver was not changed
    between Red Hat Enterprise Linux 4.7 and Red Hat Enterprise Linux 4.8,
    even though changes had been made between these releases. This could
    have prevented the driver from loading on systems that check driver
    versions, as this driver appeared older than it was. (BZ#519389)
    
    * a bug in nlm_lookup_host() could have led to un-reclaimed locks on
    file systems, resulting in the umount command failing. This bug could
    have also prevented NFS services from being relocated correctly in
    clustered environments. (BZ#519656)
    
    * the data buffer ethtool_get_strings() allocated, for the igb driver,
    was smaller than the amount of data that was copied in
    igb_get_strings(), because of a miscalculation in IGB_QUEUE_STATS_LEN,
    resulting in memory corruption. This bug could have led to a kernel
    panic. (BZ#522738)
    
    * in some situations, write operations to a TTY device were blocked
    even when the O_NONBLOCK flag was used. A reported case of this issue
    occurred when a single TTY device was opened by two users (one using
    blocking mode, and the other using non-blocking mode). (BZ#523930)
    
    * a deadlock was found in the cciss driver. In rare cases, this caused
    an NMI lockup during boot. Messages such as 'cciss: controller
    cciss[x] failed, stopping.' and 'cciss[x]: controller not responding.'
    may have been displayed on the console. (BZ#525725)
    
    * on 64-bit PowerPC systems, a rollover bug in the ibmveth driver
    could have caused a kernel panic. In a reported case, this panic
    occurred on a system with a large uptime and under heavy network load.
    (BZ#527225)
    
    Users should upgrade to these updated packages, which contain
    backported patches to correct these issues. The system must be
    rebooted for this update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2005-4881"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-3228"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-3612"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2009:1522"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(200);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xenU");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xenU-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/10/19");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/10/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2005-4881", "CVE-2009-3228", "CVE-2009-3612");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2009:1522");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2009:1522";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL4", reference:"kernel-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"kernel-devel-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", reference:"kernel-doc-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-hugemem-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-hugemem-devel-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-largesmp-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-largesmp-devel-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-smp-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-smp-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-smp-devel-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-smp-devel-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-xenU-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-xenU-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-xenU-devel-2.6.9-89.0.15.EL")) flag++;
    
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-xenU-devel-2.6.9-89.0.15.EL")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-devel / kernel-doc / kernel-hugemem / etc");
      }
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_KERNEL-6726.NASL
    descriptionThis update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraid_sas driver was worldwriteable, allowing local users to cause a denial of service or potential code execution. - The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005) - A negative offset in a ioctl in the GDTH RAID driver was fixed. (CVE-2009-3080) - The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack. (CVE-2009-4021) - The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file. (CVE-2009-3889) - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp
    last seen2020-06-01
    modified2020-06-02
    plugin id43398
    published2009-12-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/43398
    titleSuSE 10 Security Update : the Linux Kernel (i386) (ZYPP Patch Number 6726)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43398);
      script_version ("1.15");
      script_cvs_date("Date: 2019/10/25 13:36:36");
    
      script_cve_id("CVE-2005-4881", "CVE-2009-2903", "CVE-2009-3080", "CVE-2009-3612", "CVE-2009-3613", "CVE-2009-3620", "CVE-2009-3621", "CVE-2009-3726", "CVE-2009-3889", "CVE-2009-3939", "CVE-2009-4005", "CVE-2009-4021");
    
      script_name(english:"SuSE 10 Security Update : the Linux Kernel (i386) (ZYPP Patch Number 6726)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes a several security issues and various bugs in the
    SUSE Linux Enterprise 10 SP 2 kernel.
    
    The following security issues were fixed: CVE-2009-3939: A sysctl
    variable of the megaraid_sas driver was worldwriteable, allowing local
    users to cause a denial of service or potential code execution.
    
      - The collect_rx_frame function in
        drivers/isdn/hisax/hfc_usb.c in the Linux kernel before
        2.6.32-rc7 allows attackers to have an unspecified
        impact via a crafted HDLC packet that arrives over ISDN
        and triggers a buffer under-read. (CVE-2009-4005)
    
      - A negative offset in a ioctl in the GDTH RAID driver was
        fixed. (CVE-2009-3080)
    
      - The fuse_direct_io function in fs/fuse/file.c in the
        fuse subsystem in the Linux kernel might allow attackers
        to cause a denial of service (invalid pointer
        dereference and OOPS) via vectors possibly related to a
        memory-consumption attack. (CVE-2009-4021)
    
      - The dbg_lvl file for the megaraid_sas driver in the
        Linux kernel before 2.6.27 has world-writable
        permissions, which allows local users to change the (1)
        behavior and (2) logging level of the driver by
        modifying this file. (CVE-2009-3889)
    
      - Memory leak in the appletalk subsystem in the Linux
        kernel when the appletalk and ipddp modules are loaded
        but the ipddp'N' device is not found, allows remote
        attackers to cause a denial of service (memory
        consumption) via IP-DDP datagrams. (CVE-2009-2903)
    
      - net/unix/af_unix.c in the Linux kernel allows local
        users to cause a denial of service (system hang) by
        creating an abstract-namespace AF_UNIX listening socket,
        performing a shutdown operation on this socket, and then
        performing a series of connect operations to this
        socket. (CVE-2009-3621)
    
      - The tcf_fill_node function in net/sched/cls_api.c in the
        netlink subsystem in the Linux kernel 2.6.x before
        2.6.32-rc5, and 2.4.37.6 and earlier, does not
        initialize a certain tcm__pad2 structure member, which
        might allow local users to obtain sensitive information
        from kernel memory via unspecified vectors. NOTE: this
        issue existed because of an incomplete fix for
        CVE-2005-4881. (CVE-2009-3612 / CVE-2005-4881)
    
      - The ATI Rage 128 (aka r128) driver in the Linux kernel
        does not properly verify Concurrent Command Engine (CCE)
        state initialization, which allows local users to cause
        a denial of service (NULL pointer dereference and system
        crash) or possibly gain privileges via unspecified ioctl
        calls. (CVE-2009-3620)
    
      - The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the
        NFSv4 client in the Linux kernel allows remote NFS
        servers to cause a denial of service (NULL pointer
        dereference and panic) by sending a certain response
        containing incorrect file attributes, which trigger
        attempted use of an open file that lacks NFSv4 state.
        (CVE-2009-3726)
    
      - The swiotlb functionality in the r8169 driver in
        drivers/net/r8169.c in the Linux kernel allows remote
        attackers to cause a denial of service (IOMMU space
        exhaustion and system crash) by using jumbo frames for a
        large amount of network traffic, as demonstrated by a
        flood ping. (CVE-2009-3613)
    
    The rio and sx serial multiport card drivers were disabled via a
    modprobe blacklist due to severe bugs.
    
    For a full list of changes, please read the RPM changelog."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2005-4881.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-2903.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3080.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3612.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3613.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3620.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3621.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3726.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3889.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-3939.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4005.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2009-4021.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 6726.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_cwe_id(20, 119, 200, 264, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/12/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/12/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, cpu:"i586", reference:"kernel-bigsmp-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLED10", sp:2, cpu:"i586", reference:"kernel-default-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLED10", sp:2, cpu:"i586", reference:"kernel-smp-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLED10", sp:2, cpu:"i586", reference:"kernel-source-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLED10", sp:2, cpu:"i586", reference:"kernel-syms-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLED10", sp:2, cpu:"i586", reference:"kernel-xen-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLED10", sp:2, cpu:"i586", reference:"kernel-xenpae-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-bigsmp-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-debug-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-default-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-kdump-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-smp-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-source-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-syms-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-vmi-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-vmipae-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-xen-2.6.16.60-0.42.8")) flag++;
    if (rpm_check(release:"SLES10", sp:2, cpu:"i586", reference:"kernel-xenpae-2.6.16.60-0.42.8")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_KERNEL-6694.NASL
    descriptionThis update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraid_sas driver was worldwriteable, allowing local users to cause a denial of service or potential code execution. - The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005) - A negative offset in a ioctl in the GDTH RAID driver was fixed. (CVE-2009-3080) - The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack. (CVE-2009-4021) - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp
    last seen2020-06-01
    modified2020-06-02
    plugin id49868
    published2010-10-11
    reporterThis script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/49868
    titleSuSE 10 Security Update : Linux Kernel (x86) (ZYPP Patch Number 6694)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_KERNEL-6730.NASL
    descriptionThis update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraid_sas driver was worldwriteable, allowing local users to cause a denial of service or potential code execution. - The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005) - A negative offset in a ioctl in the GDTH RAID driver was fixed. (CVE-2009-3080) - The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack. (CVE-2009-4021) - The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file. (CVE-2009-3889) - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp
    last seen2020-06-01
    modified2020-06-02
    plugin id59143
    published2012-05-17
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/59143
    titleSuSE 10 Security Update : the Linux Kernel (x86_64) (ZYPP Patch Number 6730)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_KERNEL-091123.NASL
    descriptionThe SUSE Linux Enterprise 11 Kernel was updated to 2.6.27.39 fixing various bugs and security issues. The following security issues have been fixed : - A race condition during pipe open could be used by local attackers to cause a denial of service. (Due to mmap_min_addr protection enabled by default, code execution is not possible.). (CVE-2009-3547) - On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. (CVE-2009-2910) - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp
    last seen2020-06-01
    modified2020-06-02
    plugin id42990
    published2009-12-03
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42990
    titleSuSE 11 Security Update : Linux kernel (SAT Patch Numbers 1581 / 1588 / 1591)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_KERNEL-6697.NASL
    descriptionThis update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel. The following security issues were fixed: CVE-2009-3939: A sysctl variable of the megaraid_sas driver was worldwriteable, allowing local users to cause a denial of service or potential code execution. - The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. (CVE-2009-4005) - A negative offset in a ioctl in the GDTH RAID driver was fixed. (CVE-2009-3080) - The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack. (CVE-2009-4021) - Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp
    last seen2020-06-01
    modified2020-06-02
    plugin id59142
    published2012-05-17
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/59142
    titleSuSE 10 Security Update : Linux Kernel (x86_64) (ZYPP Patch Number 6697)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_KERNEL-091123.NASL
    descriptionThe openSUSE 11.1 Kernel was updated to 2.6.27.39 fixing various bugs and security issues. Following security issues have been fixed: CVE-2009-3547: A race condition during pipe open could be used by local attackers to cause a denial of service. (Due to mmap_min_addr protection enabled by default, code execution is not possible.) CVE-2009-2910: On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. CVE-2009-2903: Memory leak in the appletalk subsystem in the Linux kernel when the appletalk and ipddp modules are loaded but the ipddp
    last seen2020-06-01
    modified2020-06-02
    plugin id42952
    published2009-12-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42952
    titleopenSUSE Security Update : kernel (kernel-1593)

Oval

accepted2013-04-29T04:15:34.931-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
description (23) cbq_dump_ovl functions.
familyunix
idoval:org.mitre.oval:def:11744
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleThe netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_fill_node, (3) neightbl_fill_info, (4) neightbl_fill_param_info, (5) neigh_fill_info, (6) rtnetlink_fill_ifinfo, (7) rtnetlink_fill_iwinfo, (8) vif_delete, (9) ipmr_destroy_unres, (10) ipmr_cache_alloc_unres, (11) ipmr_cache_resolve, (12) inet6_fill_ifinfo, (13) tca_get_fill, (14) tca_action_flush, (15) tcf_add_notify, (16) tc_dump_action, (17) cbq_dump_police, (18) __nlmsg_put, (19) __rta_fill, (20) __rta_reserve, (21) inet6_fill_prefix, (22) rsvp_dump, and (23) cbq_dump_ovl functions.
version26

Redhat

advisories
rhsa
idRHSA-2009:1522
rpms
  • kernel-0:2.6.9-89.0.15.EL
  • kernel-debuginfo-0:2.6.9-89.0.15.EL
  • kernel-devel-0:2.6.9-89.0.15.EL
  • kernel-doc-0:2.6.9-89.0.15.EL
  • kernel-hugemem-0:2.6.9-89.0.15.EL
  • kernel-hugemem-devel-0:2.6.9-89.0.15.EL
  • kernel-largesmp-0:2.6.9-89.0.15.EL
  • kernel-largesmp-devel-0:2.6.9-89.0.15.EL
  • kernel-smp-0:2.6.9-89.0.15.EL
  • kernel-smp-devel-0:2.6.9-89.0.15.EL
  • kernel-xenU-0:2.6.9-89.0.15.EL
  • kernel-xenU-devel-0:2.6.9-89.0.15.EL

Statements

contributorTomas Hoger
lastmodified2009-10-22
organizationRed Hat
statementRed Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2005-4881 This issue has been rated as having moderate security impact. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5, and Red Hat Enterprise MRG. It affects Red Hat Enterprise Linux 3, and 4. It was addressed in Red Hat Enterprise Linux 4 via: https://rhn.redhat.com/errata/RHSA-2009-1522.html This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Production 3 of its maintenance life-cycle, where only qualified security errata of important and critical impact are addressed. For further information about Errata Support Policy, visit: http://www.redhat.com/security/updates/errata/

References