Vulnerabilities > CVE-2006-2444 - Unspecified vulnerability in Linux Kernel

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
linux
nessus
exploit available

Summary

The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.

Vulnerable Configurations

Part Description Count
OS
Linux
172

Exploit-Db

descriptionLinux Kernel < 2.6.16.18 (Netfilter NAT SNMP Module) Remote DoS Exploit. CVE-2006-2444. Dos exploit for linux platform
idEDB-ID:1880
last seen2016-01-31
modified2006-06-05
published2006-06-05
reporterECL Labs
sourcehttps://www.exploit-db.com/download/1880/
titleLinux Kernel < 2.6.16.18 - Netfilter NAT SNMP Module Remote DoS Exploit

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0617.NASL
    descriptionUpdated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below : * a flaw in the proc file system that allowed a local user to use a suid-wrapper for scripts to gain root privileges (CVE-2006-3626, Important) * a flaw in the SCTP implementation that allowed a local user to cause a denial of service (panic) or to possibly gain root privileges (CVE-2006-3745, Important) * a flaw in NFS exported ext2/ext3 partitions when handling invalid inodes that allowed a remote authenticated user to cause a denial of service (filesystem panic) (CVE-2006-3468, Important) * a flaw in the restore_all code path of the 4/4GB split support of non-hugemem kernels that allowed a local user to cause a denial of service (panic) (CVE-2006-2932, Important) * a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT processing that allowed a remote user to cause a denial of service (crash) or potential memory corruption (CVE-2006-2444, Moderate) * a flaw in the DVD handling of the CDROM driver that could be used together with a custom built USB device to gain root privileges (CVE-2006-2935, Moderate) * a flaw in the handling of O_DIRECT writes that allowed a local user to cause a denial of service (memory consumption) (CVE-2004-2660, Low) * a flaw in the SCTP chunk length handling that allowed a remote user to cause a denial of service (crash) (CVE-2006-1858, Low) * a flaw in the input handling of the ftdi_sio driver that allowed a local user to cause a denial of service (memory consumption) (CVE-2006-2936, Low) In addition a bugfix was added to enable a clean reboot for the IBM Pizzaro machines. Red Hat would like to thank Wei Wang of McAfee Avert Labs and Kirill Korotaev for reporting issues fixed in this erratum. All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
    last seen2020-06-01
    modified2020-06-02
    plugin id22264
    published2006-08-23
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22264
    titleRHEL 4 : kernel (RHSA-2006:0617)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2006:0617. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(22264);
      script_version ("1.28");
      script_cvs_date("Date: 2019/10/25 13:36:12");
    
      script_cve_id("CVE-2004-2660", "CVE-2006-1858", "CVE-2006-2444", "CVE-2006-2932", "CVE-2006-2935", "CVE-2006-2936", "CVE-2006-3468", "CVE-2006-3626", "CVE-2006-3745");
      script_xref(name:"RHSA", value:"2006:0617");
    
      script_name(english:"RHEL 4 : kernel (RHSA-2006:0617)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that fix several security issues in the Red
    Hat Enterprise Linux 4 kernel are now available.
    
    This security advisory has been rated as having important security
    impact by the Red Hat Security Response Team.
    
    The Linux kernel handles the basic functions of the operating system.
    
    These new kernel packages contain fixes for the security issues
    described below :
    
    * a flaw in the proc file system that allowed a local user to use a
    suid-wrapper for scripts to gain root privileges (CVE-2006-3626,
    Important)
    
    * a flaw in the SCTP implementation that allowed a local user to cause
    a denial of service (panic) or to possibly gain root privileges
    (CVE-2006-3745, Important)
    
    * a flaw in NFS exported ext2/ext3 partitions when handling invalid
    inodes that allowed a remote authenticated user to cause a denial of
    service (filesystem panic) (CVE-2006-3468, Important)
    
    * a flaw in the restore_all code path of the 4/4GB split support of
    non-hugemem kernels that allowed a local user to cause a denial of
    service (panic) (CVE-2006-2932, Important)
    
    * a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT
    processing that allowed a remote user to cause a denial of service
    (crash) or potential memory corruption (CVE-2006-2444, Moderate)
    
    * a flaw in the DVD handling of the CDROM driver that could be used
    together with a custom built USB device to gain root privileges
    (CVE-2006-2935, Moderate)
    
    * a flaw in the handling of O_DIRECT writes that allowed a local user
    to cause a denial of service (memory consumption) (CVE-2004-2660, Low)
    
    * a flaw in the SCTP chunk length handling that allowed a remote user
    to cause a denial of service (crash) (CVE-2006-1858, Low)
    
    * a flaw in the input handling of the ftdi_sio driver that allowed a
    local user to cause a denial of service (memory consumption)
    (CVE-2006-2936, Low)
    
    In addition a bugfix was added to enable a clean reboot for the IBM
    Pizzaro machines.
    
    Red Hat would like to thank Wei Wang of McAfee Avert Labs and Kirill
    Korotaev for reporting issues fixed in this erratum.
    
    All Red Hat Enterprise Linux 4 users are advised to upgrade their
    kernels to the packages associated with their machine architectures
    and configurations as listed in this erratum."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-2660"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-1858"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2444"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2932"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2935"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-2936"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3468"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3626"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2006-3745"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2006:0617"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'CANVAS');
      script_cwe_id(20);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-hugemem-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-largesmp-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-smp-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2004/12/31");
      script_set_attribute(attribute:"patch_publication_date", value:"2006/08/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2006/08/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2004-2660", "CVE-2006-1858", "CVE-2006-2444", "CVE-2006-2932", "CVE-2006-2935", "CVE-2006-2936", "CVE-2006-3468", "CVE-2006-3626", "CVE-2006-3745");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2006:0617");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2006:0617";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL4", reference:"kernel-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", reference:"kernel-devel-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", reference:"kernel-doc-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-hugemem-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-hugemem-devel-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-largesmp-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-largesmp-devel-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-smp-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-smp-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"i686", reference:"kernel-smp-devel-2.6.9-42.0.2.EL")) flag++;
      if (rpm_check(release:"RHEL4", cpu:"x86_64", reference:"kernel-smp-devel-2.6.9-42.0.2.EL")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-devel / kernel-doc / kernel-hugemem / etc");
      }
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-302-1.NASL
    descriptionAn integer overflow was discovered in the do_replace() function. A local user process with the CAP_NET_ADMIN capability could exploit this to execute arbitrary commands with full root privileges. However, none of Ubuntu
    last seen2020-06-01
    modified2020-06-02
    plugin id27877
    published2007-11-10
    reporterUbuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/27877
    titleUbuntu 5.04 / 5.10 / 6.06 LTS : linux-source-2.6.10/2.6.12/2.6.15 vulnerabilities (USN-302-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-302-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27877);
      script_version("1.22");
      script_cvs_date("Date: 2019/08/02 13:33:00");
    
      script_cve_id("CVE-2006-0038", "CVE-2006-0744", "CVE-2006-1055", "CVE-2006-1056", "CVE-2006-1522", "CVE-2006-1527", "CVE-2006-1528", "CVE-2006-1855", "CVE-2006-1856", "CVE-2006-1857", "CVE-2006-1858", "CVE-2006-1859", "CVE-2006-1860", "CVE-2006-1863", "CVE-2006-1864", "CVE-2006-2071", "CVE-2006-2271", "CVE-2006-2272", "CVE-2006-2274", "CVE-2006-2275", "CVE-2006-2444");
      script_bugtraq_id(17600, 18081);
      script_xref(name:"USN", value:"302-1");
    
      script_name(english:"Ubuntu 5.04 / 5.10 / 6.06 LTS : linux-source-2.6.10/2.6.12/2.6.15 vulnerabilities (USN-302-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An integer overflow was discovered in the do_replace() function. A
    local user process with the CAP_NET_ADMIN capability could exploit
    this to execute arbitrary commands with full root privileges. However,
    none of Ubuntu's supported packages use this capability with any
    non-root user, so this only affects you if you use some third party
    software like the OpenVZ virtualization system. (CVE-2006-0038)
    
    On EMT64 CPUs, the kernel did not properly handle uncanonical return
    addresses. A local user could exploit this to trigger a kernel crash.
    (CVE-2006-0744)
    
    Al Viro discovered a local Denial of Service in the sysfs write buffer
    handling. By writing a block with a length exactly equal to the
    processor's page size to any writable file in /sys, a local attacker
    could cause a kernel crash. (CVE-2006-1055)
    
    Jan Beulich discovered an information leak in the handling of
    registers for the numeric coprocessor when running on AMD processors.
    This allowed processes to see the coprocessor execution state of other
    processes, which could reveal sensitive data in the case of
    cryptographic computations. (CVE-2006-1056)
    
    Marcel Holtmann discovered that the sys_add_key() did not check that a
    new user key is added to a proper keyring. By attempting to add a key
    to a normal user key (which is not a keyring), a local attacker could
    exploit this to crash the kernel. (CVE-2006-1522)
    
    Ingo Molnar discovered that the SCTP protocol connection tracking
    module in netfilter got stuck in an infinite loop on certain empty
    packet chunks. A remote attacker could exploit this to cause the
    computer to hang. (CVE-2006-1527)
    
    The SCSI I/O driver did not correctly handle the VM_IO flag for memory
    mapped pages used for data transfer. A local user could exploit this
    to cause a kernel crash. (CVE-2006-1528)
    
    The choose_new_parent() contained obsolete debugging code. A local
    user could exploit this to cause a kernel crash. (CVE-2006-1855)
    
    Kostik Belousov discovered that the readv() and writev() functions did
    not query LSM modules for access permission. This could be exploited
    to circumvent access restrictions defined by LSM modules such as
    SELinux or AppArmor. (CVE-2006-1856)
    
    The SCTP driver did not properly verify certain parameters when
    receiving a HB-ACK chunk. By sending a specially crafted packet to an
    SCTP socket, a remote attacker could exploit this to trigger a buffer
    overflow, which could lead to a crash or possibly even arbitrary code
    execution. (CVE-2006-1857)
    
    The sctp_walk_params() function in the SCTP driver incorrectly used
    rounded values for bounds checking instead of the precise values. By
    sending a specially crafted packet to an SCTP socket, a remote
    attacker could exploit this to crash the kernel. (CVE-2006-1858)
    
    Bjoern Steinbrink reported a memory leak in the __setlease() function.
    A local attacker could exploit this to exhaust kernel memory and
    render the computer unusable (Denial of Service). (CVE-2006-1859)
    
    Daniel Hokka Zakrisson discovered that the lease_init() did not
    properly handle locking. A local attacker could exploit this to cause
    a kernel deadlock (Denial of Service). (CVE-2006-1860)
    
    Mark Moseley discovered that the CIFS file system driver did not
    filter out '..\\' path components. A local attacker could exploit this
    to break out of a chroot environment on a mounted SMB share.
    (CVE-2006-1863) The same vulnerability applies to the older smb file
    system. (CVE-2006-1864)
    
    Hugh Dickins discovered that the mprotect() function allowed an user
    to change a read-only shared memory attachment to become writable,
    which bypasses IPC (inter-process communication) permissions.
    (CVE-2006-2071)
    
    The SCTP (Stream Control Transmission Protocol) driver triggered a
    kernel panic on unexpected packets while the session was in the CLOSED
    state, instead of silently ignoring the packets. A remote attacker
    could exploit this to crash the computer. (CVE-2006-2271)
    
    The SCTP driver did not handle control chunks if they arrived in
    fragmented packets. By sending specially crafted packets to an SCTP
    socket, a remote attacker could exploit this to crash the target
    machine. (CVE-2006-2272)
    
    The SCTP driver did not correctly handle packets containing more than
    one DATA fragment. By sending specially crafted packets to an SCTP
    socket, a remote attacker could exploit this to crash the target
    machine. (CVE-2006-2274)
    
    The SCTP driver did not correcly buffer incoming packets. By sending a
    large number of small messages to a receiver application that cannot
    process the messages quickly enough, a remote attacker could exploit
    this to cause a deadlock in the target machine (Denial of Service).
    (CVE-2006-2275)
    
    Patrick McHardy discovered that the snmp_trap_decode() function did
    not correctly handle memory allocation in some error conditions. By
    sending specially crafted packets to a machine which uses the SNMP
    network address translation (NAT), a remote attacker could exploit
    this to crash that machine. (CVE-2006-2444)
    
    In addition, the Ubuntu 6.06 LTS update fixes a range of bugs.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/302-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20, 119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-25");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fglrx-control");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.10");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.12");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-patch-ubuntu-2.6.10");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-patch-ubuntu-2.6.12");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.10");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.12");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tree-2.6.10");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tree-2.6.12");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2006/03/22");
      script_set_attribute(attribute:"patch_publication_date", value:"2006/06/15");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2006-2019 Canonical, Inc. / NASL script (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("ksplice.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! ereg(pattern:"^(5\.04|5\.10|6\.06)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 5.04 / 5.10 / 6.06", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2006-0038", "CVE-2006-0744", "CVE-2006-1055", "CVE-2006-1056", "CVE-2006-1522", "CVE-2006-1527", "CVE-2006-1528", "CVE-2006-1855", "CVE-2006-1856", "CVE-2006-1857", "CVE-2006-1858", "CVE-2006-1859", "CVE-2006-1860", "CVE-2006-1863", "CVE-2006-1864", "CVE-2006-2071", "CVE-2006-2271", "CVE-2006-2272", "CVE-2006-2274", "CVE-2006-2275", "CVE-2006-2444");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-302-1");
      }
      else
      {
        _ubuntu_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    
    if (ubuntu_check(osver:"5.04", pkgname:"linux-doc-2.6.10", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6-386", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6-686", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6-686-smp", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6-amd64-generic", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6-amd64-k8", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6-amd64-k8-smp", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-headers-2.6.10-6-amd64-xeon", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-image-2.6.10-6-386", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-image-2.6.10-6-686", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-image-2.6.10-6-686-smp", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-image-2.6.10-6-amd64-generic", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-image-2.6.10-6-amd64-k8", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-image-2.6.10-6-amd64-k8-smp", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-image-2.6.10-6-amd64-xeon", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-patch-ubuntu-2.6.10", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-source-2.6.10", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.04", pkgname:"linux-tree-2.6.10", pkgver:"2.6.10-34.20")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-doc-2.6.12", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10-386", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10-686", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10-686-smp", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10-amd64-generic", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10-amd64-k8", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10-amd64-k8-smp", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-headers-2.6.12-10-amd64-xeon", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-image-2.6.12-10-386", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-image-2.6.12-10-686", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-image-2.6.12-10-686-smp", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-image-2.6.12-10-amd64-generic", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-image-2.6.12-10-amd64-k8", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-image-2.6.12-10-amd64-k8-smp", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-image-2.6.12-10-amd64-xeon", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-patch-ubuntu-2.6.12", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-source-2.6.12", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"5.10", pkgname:"linux-tree-2.6.12", pkgver:"2.6.12-10.34")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"avm-fritz-firmware", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"avm-fritz-firmware-2.6.15-25", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"avm-fritz-kernel-source", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"fglrx-control", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"fglrx-kernel-source", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-386", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-686", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-686-smp", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-generic", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-k8", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-k8-smp", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-server", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-xeon", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-doc", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-doc-2.6.15", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25-386", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25-686", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25-amd64-generic", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25-amd64-k8", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25-amd64-server", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25-amd64-xeon", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-25-server", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-386", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-686", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-generic", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-k8", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-server", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-xeon", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-server", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-25-386", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-25-686", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-25-amd64-generic", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-25-amd64-k8", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-25-amd64-server", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-25-amd64-xeon", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-25-server", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-386", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-686", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-generic", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-k8", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-server", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-xeon", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-server", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-kernel-devel", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-25-386", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-25-686", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-25-amd64-generic", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-25-amd64-k8", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-25-amd64-xeon", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-386", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-686", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-amd64-generic", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-amd64-k8", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-amd64-xeon", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-common", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-server", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-source", pkgver:"2.6.15.23")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-source-2.6.15", pkgver:"2.6.15-25.43")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx-dev", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx-legacy", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx-legacy-dev", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-kernel-source", pkgver:"1.0.8762+2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-legacy-kernel-source", pkgver:"1.0.7174+2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"xorg-driver-fglrx", pkgver:"2.6.15.11-2")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"xorg-driver-fglrx-dev", pkgver:"2.6.15.11-2")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "avm-fritz-firmware / avm-fritz-firmware-2.6.15-25 / etc");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1183.NASL
    descriptionSeveral security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4798 A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service. - CVE-2006-2935 Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD USB storage device to execute arbitrary code. - CVE-2006-1528 A bug in the SCSI driver allows a local user to cause a denial of service. - CVE-2006-2444 Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service. - CVE-2006-2446 A race condition in the socket buffer handling allows remote attackers to cause a denial of service. - CVE-2006-3745 Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges. - CVE-2006-4535 David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system via an SCTP socket with a certain SO_LINGER value. The following matrix explains which kernel version for which architecture fixes the problem mentioned above : stable (sarge) Source 2.4.27-10sarge4 Alpha architecture 2.4.27-10sarge4 ARM architecture 2.4.27-2sarge4 Intel IA-32 architecture 2.4.27-10sarge4 Intel IA-64 architecture 2.4.27-10sarge4 Motorola 680x0 architecture 2.4.27-3sarge4 MIPS architectures 2.4.27-10.sarge4.040815-1 PowerPC architecture 2.4.27-10sarge4 IBM S/390 2.4.27-2sarge4 Sun Sparc architecture 2.4.27-9sarge4 FAI 1.9.1sarge4 mindi-kernel 2.4.27-2sarge3 kernel-image-speakup-i386 2.4.27-1.1sarge3 systemimager 3.2.3-6sarge3
    last seen2020-06-01
    modified2020-06-02
    plugin id22725
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22725
    titleDebian DSA-1183-1 : kernel-source-2.4.27 - several vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1184.NASL
    descriptionThis advisory covers the S/390 components of the recent security update for the Linux 2.6.8 kernel that were missing due to technical problems. For reference, please see the text of the original advisory. Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-2660 Toshihiro Iwamoto discovered a memory leak in the handling of direct I/O writes that allows local users to cause a denial of service. - CVE-2005-4798 A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service. - CVE-2006-1052 Stephen Smalley discovered a bug in the SELinux ptrace handling that allows local users with ptrace permissions to change the tracer SID to the SID of another process. - CVE-2006-1343 Pavel Kankovsky discovered an information leak in the getsockopt system call which can be exploited by a local program to leak potentially sensitive memory to userspace. - CVE-2006-1528 Douglas Gilbert reported a bug in the sg driver that allows local users to cause a denial of service by performing direct I/O transfers from the sg driver to memory mapped I/O space. - CVE-2006-1855 Mattia Belletti noticed that certain debugging code left in the process management code could be exploited by a local attacker to cause a denial of service. - CVE-2006-1856 Kostik Belousov discovered a missing LSM file_permission check in the readv and writev functions which might allow attackers to bypass intended access restrictions. - CVE-2006-2444 Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service. - CVE-2006-2446 A race condition in the socket buffer handling allows remote attackers to cause a denial of service. - CVE-2006-2935 Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD USB storage device to execute arbitrary code. - CVE-2006-2936 A bug in the serial USB driver has been discovered that could be exploited by a custom made USB serial adapter to consume arbitrary amounts of memory. - CVE-2006-3468 James McKenzie discovered a denial of service vulnerability in the NFS driver. When exporting an ext3 file system over NFS, a remote attacker could exploit this to trigger a file system panic by sending a specially crafted UDP packet. - CVE-2006-3745 Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges. - CVE-2006-4093 Olof Johansson discovered that the kernel does not disable the HID0 bit on PowerPC 970 processors which could be exploited by a local attacker to cause a denial of service. - CVE-2006-4145 A bug in the Universal Disk Format (UDF) filesystem driver could be exploited by a local user to cause a denial of service. - CVE-2006-4535 David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system via an SCTP socket with a certain SO_LINGER value. The following matrix explains which kernel version for which architecture fixes the problem mentioned above : stable (sarge) Source 2.6.8-16sarge5 Alpha architecture 2.6.8-16sarge5 AMD64 architecture 2.6.8-16sarge5 HP Precision architecture 2.6.8-6sarge5 Intel IA-32 architecture 2.6.8-16sarge5 Intel IA-64 architecture 2.6.8-14sarge5 Motorola 680x0 architecture 2.6.8-4sarge5 PowerPC architecture 2.6.8-12sarge5 IBM S/390 2.6.8-5sarge5 Sun Sparc architecture 2.6.8-15sarge5 FAI 1.9.1sarge4
    last seen2020-06-01
    modified2020-06-02
    plugin id22726
    published2006-10-14
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/22726
    titleDebian DSA-1184-2 : kernel-source-2.6.8 - several vulnerabilities
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-087.NASL
    descriptionMemory corruption can be triggered remotely when the ip_nat_snmp_basic module is loaded and traffic on port 161 or 162 is NATed. The provided packages are patched to fix this vulnerability. Users who may be running netfilter on important servers are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at : http://www.mandriva.com/en/security/kernelupdate
    last seen2020-06-01
    modified2020-06-02
    plugin id21598
    published2006-05-27
    reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/21598
    titleMandrake Linux Security Advisory : kernel (MDKSA-2006:087)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0437.NASL
    descriptionUpdated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the eighth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. This is the eighth regular kernel update to Red Hat Enterprise Linux 3. New features introduced by this update include : - addition of the adp94xx and dcdbas device drivers - diskdump support on megaraid_sas, qlogic, and swap partitions - support for new hardware via driver and SCSI white-list updates There were many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3. There were numerous driver updates and security fixes (elaborated below). Other key areas affected by fixes in this update include the networking subsystem, the NFS and autofs4 file systems, the SCSI and USB subsystems, and architecture-specific handling affecting AMD Opteron and Intel EM64T processors. The following device drivers have been added or upgraded to new versions : adp94xx -------- 1.0.8 (new) bnx2 ----------- 1.4.38 cciss ---------- 2.4.60.RH1 dcdbas --------- 5.6.0-1 (new) e1000 ---------- 7.0.33-k2 emulex --------- 7.3.6 forcedeth ------ 0.30 ipmi ----------- 35.13 qlogic --------- 7.07.04b6 tg3 ------------ 3.52RH The following security bugs were fixed in this update : - a flaw in the USB devio handling of device removal that allowed a local user to cause a denial of service (crash) (CVE-2005-3055, moderate) - a flaw in the exec() handling of multi-threaded tasks using ptrace() that allowed a local user to cause a denial of service (hang of a user process) (CVE-2005-3107, low) - a difference in
    last seen2020-06-01
    modified2020-06-02
    plugin id22135
    published2006-08-04
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22135
    titleCentOS 3 : kernel (CESA-2006:0437)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2006-0617.NASL
    descriptionUpdated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below : * a flaw in the proc file system that allowed a local user to use a suid-wrapper for scripts to gain root privileges (CVE-2006-3626, Important) * a flaw in the SCTP implementation that allowed a local user to cause a denial of service (panic) or to possibly gain root privileges (CVE-2006-3745, Important) * a flaw in NFS exported ext2/ext3 partitions when handling invalid inodes that allowed a remote authenticated user to cause a denial of service (filesystem panic) (CVE-2006-3468, Important) * a flaw in the restore_all code path of the 4/4GB split support of non-hugemem kernels that allowed a local user to cause a denial of service (panic) (CVE-2006-2932, Important) * a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT processing that allowed a remote user to cause a denial of service (crash) or potential memory corruption (CVE-2006-2444, Moderate) * a flaw in the DVD handling of the CDROM driver that could be used together with a custom built USB device to gain root privileges (CVE-2006-2935, Moderate) * a flaw in the handling of O_DIRECT writes that allowed a local user to cause a denial of service (memory consumption) (CVE-2004-2660, Low) * a flaw in the SCTP chunk length handling that allowed a remote user to cause a denial of service (crash) (CVE-2006-1858, Low) * a flaw in the input handling of the ftdi_sio driver that allowed a local user to cause a denial of service (memory consumption) (CVE-2006-2936, Low) In addition a bugfix was added to enable a clean reboot for the IBM Pizzaro machines. Red Hat would like to thank Wei Wang of McAfee Avert Labs and Kirill Korotaev for reporting issues fixed in this erratum. All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
    last seen2020-06-01
    modified2020-06-02
    plugin id22279
    published2006-08-30
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22279
    titleCentOS 4 : kernel (CESA-2006:0617)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2006-0617.NASL
    descriptionUpdated kernel packages that fix security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below : From Red Hat Security Advisory 2006-0617 : * a flaw in the proc file system that allowed a local user to use a suid-wrapper for scripts to gain root privileges (CVE-2006-3626, Important) * a flaw in the SCTP implementation that allowed a local user to cause a denial of service (panic) or to possibly gain root privileges (CVE-2006-3745, Important) * a flaw in NFS exported ext2/ext3 partitions when handling invalid inodes that allowed a remote authenticated user to cause a denial of service (filesystem panic) (CVE-2006-3468, Important) * a flaw in the restore_all code path of the 4/4GB split support of non-hugemem kernels that allowed a local user to cause a denial of service (panic) (CVE-2006-2932, Important) * a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT processing that allowed a remote user to cause a denial of service (crash) or potential memory corruption (CVE-2006-2444, Moderate) * a flaw in the DVD handling of the CDROM driver that could be used together with a custom built USB device to gain root privileges (CVE-2006-2935, Moderate) * a flaw in the handling of O_DIRECT writes that allowed a local user to cause a denial of service (memory consumption) (CVE-2004-2660, Low) * a flaw in the SCTP chunk length handling that allowed a remote user to cause a denial of service (crash) (CVE-2006-1858, Low) * a flaw in the input handling of the ftdi_sio driver that allowed a local user to cause a denial of service (memory consumption) (CVE-2006-2936, Low) In addition a bugfix was added to enable a clean reboot for the IBM Pizzaro machines. Red Hat would like to thank Wei Wang of McAfee Avert Labs and Kirill Korotaev for reporting issues fixed in this erratum. From Red Hat Security Advisory ELSA-2006-0689 : * a flaw in the SCTP support that allowed a local user to cause a denial of service (crash) with a specific SO_LINGER value. (CVE-2006-4535, Important) * a flaw in the hugepage table support that allowed a local user to cause a denial of service (crash). (CVE-2005-4811, Important) * a flaw in the mprotect system call that allowed setting write permission for a read-only attachment of shared memory. (CVE-2006-2071, Moderate) * a flaw in HID0[31] (en_attn) register handling on PowerPC 970 systems that allowed a local user to cause a denial of service. (crash) (CVE-2006-4093, Moderate) * a flaw in the perfmon support of Itanium systems that allowed a local user to cause a denial of service by consuming all file descriptors. (CVE-2006-3741, Moderate) * a flaw in the ATM subsystem. On systems with installed ATM hardware and configured ATM support, a remote user could cause a denial of service (panic) by accessing socket buffers memory after freeing them. (CVE-2006-4997, Moderate) * a flaw in the DVB subsystem. On systems with installed DVB hardware and configured DVB support, a remote user could cause a denial of service (panic) by sending a ULE SNDU packet with length of 0. (CVE-2006-4623, Low) * an information leak in the network subsystem that possibly allowed a local user to read sensitive data from kernel memory. (CVE-2006-0039, Low) In addition, two bugfixes for the IPW-2200 wireless driver were included. The first one ensures that wireless management applications correctly identify IPW-2200 controlled devices, while the second fix ensures that DHCP requests using the IPW-2200 operate correctly. Red Hat would like to thank Olof Johansson, Stephane Eranian and Solar Designer for reporting issues fixed in this erratum.
    last seen2020-06-01
    modified2020-06-02
    plugin id67401
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/67401
    titleOracle Linux 4 : kernel (ELSA-2006-0617 / ELSA-2006-0689)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2006-0437.NASL
    descriptionUpdated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the eighth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. This is the eighth regular kernel update to Red Hat Enterprise Linux 3. New features introduced by this update include : - addition of the adp94xx and dcdbas device drivers - diskdump support on megaraid_sas, qlogic, and swap partitions - support for new hardware via driver and SCSI white-list updates There were many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3. There were numerous driver updates and security fixes (elaborated below). Other key areas affected by fixes in this update include the networking subsystem, the NFS and autofs4 file systems, the SCSI and USB subsystems, and architecture-specific handling affecting AMD Opteron and Intel EM64T processors. The following device drivers have been added or upgraded to new versions : adp94xx -------- 1.0.8 (new) bnx2 ----------- 1.4.38 cciss ---------- 2.4.60.RH1 dcdbas --------- 5.6.0-1 (new) e1000 ---------- 7.0.33-k2 emulex --------- 7.3.6 forcedeth ------ 0.30 ipmi ----------- 35.13 qlogic --------- 7.07.04b6 tg3 ------------ 3.52RH The following security bugs were fixed in this update : - a flaw in the USB devio handling of device removal that allowed a local user to cause a denial of service (crash) (CVE-2005-3055, moderate) - a flaw in the exec() handling of multi-threaded tasks using ptrace() that allowed a local user to cause a denial of service (hang of a user process) (CVE-2005-3107, low) - a difference in
    last seen2020-06-01
    modified2020-06-02
    plugin id22086
    published2006-07-21
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/22086
    titleRHEL 3 : kernel (RHSA-2006:0437)

Oval

accepted2013-04-29T04:13:12.126-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
descriptionThe snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
familyunix
idoval:org.mitre.oval:def:11318
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleThe snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.
version26

Redhat

advisories
  • rhsa
    idRHSA-2006:0437
  • rhsa
    idRHSA-2006:0580
  • rhsa
    idRHSA-2006:0617
rpms
  • kernel-0:2.4.21-47.EL
  • kernel-BOOT-0:2.4.21-47.EL
  • kernel-debuginfo-0:2.4.21-47.EL
  • kernel-doc-0:2.4.21-47.EL
  • kernel-hugemem-0:2.4.21-47.EL
  • kernel-hugemem-unsupported-0:2.4.21-47.EL
  • kernel-smp-0:2.4.21-47.EL
  • kernel-smp-unsupported-0:2.4.21-47.EL
  • kernel-source-0:2.4.21-47.EL
  • kernel-unsupported-0:2.4.21-47.EL
  • kernel-0:2.6.9-42.0.2.EL
  • kernel-debuginfo-0:2.6.9-42.0.2.EL
  • kernel-devel-0:2.6.9-42.0.2.EL
  • kernel-doc-0:2.6.9-42.0.2.EL
  • kernel-hugemem-0:2.6.9-42.0.2.EL
  • kernel-hugemem-devel-0:2.6.9-42.0.2.EL
  • kernel-largesmp-0:2.6.9-42.0.2.EL
  • kernel-largesmp-devel-0:2.6.9-42.0.2.EL
  • kernel-smp-0:2.6.9-42.0.2.EL
  • kernel-smp-devel-0:2.6.9-42.0.2.EL

Seebug

  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:63617
    last seen2017-11-19
    modified2014-07-01
    published2014-07-01
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-63617
    titleLinux Kernel < 2.6.16.18 - (Netfilter NAT SNMP Module) Remote DoS Exploit
  • bulletinFamilyexploit
    descriptionNo description provided by source.
    idSSV:7561
    last seen2017-11-19
    modified2007-12-05
    published2007-12-05
    reporterRoot
    sourcehttps://www.seebug.org/vuldb/ssvid-7561
    titleLinux Kernel &lt; 2.6.16.18 (Netfilter NAT SNMP Module) Remote DoS Exploit

References