Vulnerabilities > CVE-2008-4554 - Unspecified vulnerability in Linux Kernel

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
linux
nessus

Summary

The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.

Vulnerable Configurations

Part Description Count
OS
Linux
969

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_KERNEL-090114.NASL
    descriptionThis update fixes various security issues and several bugs in the openSUSE 11.0 kernel. It was also updated to the stable version 2.6.25.20. CVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call. CVE-2008-5700: libata did not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program. CVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, related to corruption of the vcc table. CVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a denial of service (
    last seen2020-06-01
    modified2020-06-02
    plugin id40011
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40011
    titleopenSUSE Security Update : kernel (kernel-423)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update kernel-423.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(40011);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:34");
    
      script_cve_id("CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4933", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5079", "CVE-2008-5182", "CVE-2008-5300", "CVE-2008-5700", "CVE-2008-5702");
    
      script_name(english:"openSUSE Security Update : kernel (kernel-423)");
      script_summary(english:"Check for the kernel-423 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes various security issues and several bugs in the
    openSUSE 11.0 kernel. It was also updated to the stable version
    2.6.25.20.
    
    CVE-2008-5702: Buffer underflow in the ibwdt_ioctl function in
    drivers/watchdog/ib700wdt.c might allow local users to have an unknown
    impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
    
    CVE-2008-5700: libata did not set minimum timeouts for SG_IO requests,
    which allows local users to cause a denial of service (Programmed I/O
    mode on drives) via multiple simultaneous invocations of an
    unspecified test program.
    
    CVE-2008-5079: net/atm/svc.c in the ATM subsystem allowed local users
    to cause a denial of service (kernel infinite loop) by making two
    calls to svc_listen for the same socket, and then reading a
    /proc/net/atm/*vc file, related to corruption of the vcc table.
    
    CVE-2008-5300: Linux kernel 2.6.28 allows local users to cause a
    denial of service ('soft lockup' and process loss) via a large number
    of sendmsg function calls, which does not block during AF_UNIX garbage
    collection and triggers an OOM condition, a different vulnerability
    than CVE-2008-5029.
    
    CVE-2008-5029: The __scm_destroy function in net/core/scm.c makes
    indirect recursive calls to itself through calls to the fput function,
    which allows local users to cause a denial of service (panic) via
    vectors related to sending an SCM_RIGHTS message through a UNIX domain
    socket and closing file descriptors.
    
    CVE-2008-4933: Buffer overflow in the hfsplus_find_cat function in
    fs/hfsplus/catalog.c allowed attackers to cause a denial of service
    (memory corruption or system crash) via an hfsplus filesystem image
    with an invalid catalog namelength field, related to the
    hfsplus_cat_build_key_uni function.
    
    CVE-2008-5025: Stack-based buffer overflow in the hfs_cat_find_brec
    function in fs/hfs/catalog.c allowed attackers to cause a denial of
    service (memory corruption or system crash) via an hfs filesystem
    image with an invalid catalog namelength field, a related issue to
    CVE-2008-4933.
    
    CVE-2008-5182: The inotify functionality might allow local users to
    gain privileges via unknown vectors related to race conditions in
    inotify watch removal and umount.
    
    CVE-2008-3831: The i915 driver in drivers/char/drm/i915_dma.c does not
    restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager
    (DRM) master, which allows local users to cause a denial of service
    (memory corruption) via a crafted ioctl call, related to absence of
    the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.
    
    CVE-2008-4554: The do_splice_from function in fs/splice.c did not
    reject file descriptors that have the O_APPEND flag set, which allows
    local users to bypass append mode and make arbitrary changes to other
    locations in the file."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=362850"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=371657"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=399966"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=405546"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=419250"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=429919"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=439461"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=442364"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=442594"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=443640"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=443661"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=445569"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=446973"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=447241"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=447406"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=450417"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=457896"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=457897"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=457898"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected kernel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(119, 264, 362, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-rt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-rt_debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/01/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-debug-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-default-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-pae-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-rt-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-rt_debug-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-source-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-syms-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-vanilla-2.6.25.20-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"kernel-xen-2.6.25.20-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-debug / kernel-default / kernel-pae / kernel-rt / etc");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-224.NASL
    descriptionSome vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. (CVE-2008-3528) The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl
    last seen2020-06-01
    modified2020-06-02
    plugin id37851
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37851
    titleMandriva Linux Security Advisory : kernel (MDVSA-2008:224-1)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandriva Linux Security Advisory MDVSA-2008:224. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(37851);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:50");
    
      script_cve_id("CVE-2008-3528", "CVE-2008-3831", "CVE-2008-4554");
      script_xref(name:"MDVSA", value:"2008:224-1");
    
      script_name(english:"Mandriva Linux Security Advisory : kernel (MDVSA-2008:224-1)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandriva Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Some vulnerabilities were discovered and corrected in the Linux 2.6
    kernel :
    
    The error-reporting functionality in (1) fs/ext2/dir.c, (2)
    fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel
    2.6.26.5 does not limit the number of printk console messages that
    report directory corruption, which allows physically proximate
    attackers to cause a denial of service (temporary system hang) by
    mounting a filesystem that has corrupted dir->i_size and dir->i_blocks
    values and performing (a) read or (b) write operations. NOTE: there
    are limited scenarios in which this crosses privilege boundaries.
    (CVE-2008-3528)
    
    The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel
    2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in
    OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct
    Rendering Manager (DRM) master, which allows local users to cause a
    denial of service (memory corruption) via a crafted ioctl call,
    related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the
    ioctl's configuration. (CVE-2008-3831)
    
    The do_splice_from function in fs/splice.c in the Linux kernel before
    2.6.27 does not reject file descriptors that have the O_APPEND flag
    set, which allows local users to bypass append mode and make arbitrary
    changes to other locations in the file. (CVE-2008-4554)
    
    Additionaly, a problem with TCP options ordering, which could manifest
    as connection problems with many websites (bug #43372), was solved, a
    number of fixes for Intel HDA were added, another number of fixes for
    issues on Asus EEE PC, Panasonic Let's Note, Acer One, Dell XPS, and
    others, were also added. Check package changelog for more information.
    
    To update your kernel, please follow the directions located at :
    
    http://www.mandriva.com/en/security/kernelupdate
    
    Update :
    
    The previous update included a patch which introduced a bug that would
    make the boot process to stop halfway in several machines. That patch
    has been removed in this new update, to avoid that problem."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://qa.mandriva.com/43372"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://qa.mandriva.com/43532"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://qa.mandriva.com/43885"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://qa.mandriva.com/44752"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://qa.mandriva.com/44803"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://qa.mandriva.com/45552"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
      script_cwe_id(264, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:alsa_raoppcm-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:drm-experimental-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:drm-experimental-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:drm-experimental-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:et131x-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:et131x-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:et131x-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:et131x-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fcpci-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:fglrx-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnbd-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnbd-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gnbd-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hcfpcimodem-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hsfmodem-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hso-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hso-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hso-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:hso-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:iscsitarget-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:iscsitarget-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:iscsitarget-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-devel-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-2.6.27.4-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kernel-source-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kqemu-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kqemu-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:kqemu-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lirc-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lzma-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:madwifi-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia-current-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia173-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia71xx-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:nvidia96xx-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omfs-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omfs-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omfs-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omfs-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omnibook-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omnibook-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:omnibook-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:opencbm-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:opencbm-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:opencbm-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ov51x-jpeg-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qc-usb-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qc-usb-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:qc-usb-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2860-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2860-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2860-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2870-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2870-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rt2870-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rtl8187se-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rtl8187se-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:rtl8187se-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:slmodem-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:squashfs-lzma-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tp_smapi-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tp_smapi-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tp_smapi-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadd-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadd-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxadd-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxvfs-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxvfs-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vboxvfs-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vhba-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vhba-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vhba-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vhba-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:virtualbox-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-desktop586-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-2.6.27.4-server-2mnb");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-desktop586-latest");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:vpnclient-kernel-server-latest");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/11/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2009.0", reference:"alsa_raoppcm-kernel-2.6.27.4-desktop-2mnb-0.5.1-2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"alsa_raoppcm-kernel-2.6.27.4-desktop586-2mnb-0.5.1-2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"alsa_raoppcm-kernel-2.6.27.4-server-2mnb-0.5.1-2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"alsa_raoppcm-kernel-desktop-latest-0.5.1-1.20081106.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"alsa_raoppcm-kernel-desktop586-latest-0.5.1-1.20081106.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"alsa_raoppcm-kernel-server-latest-0.5.1-1.20081106.2mdv2008.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"drm-experimental-kernel-2.6.27.4-desktop-2mnb-2.3.0-2.20080912.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"drm-experimental-kernel-2.6.27.4-desktop586-2mnb-2.3.0-2.20080912.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"drm-experimental-kernel-2.6.27.4-server-2mnb-2.3.0-2.20080912.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"drm-experimental-kernel-desktop-latest-2.3.0-1.20081106.2.20080912.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"drm-experimental-kernel-desktop586-latest-2.3.0-1.20081106.2.20080912.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"drm-experimental-kernel-server-latest-2.3.0-1.20081106.2.20080912.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"et131x-kernel-2.6.27.4-desktop-2mnb-1.2.3-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"et131x-kernel-2.6.27.4-desktop586-2mnb-1.2.3-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"et131x-kernel-2.6.27.4-server-2mnb-1.2.3-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"et131x-kernel-desktop-latest-1.2.3-1.20081106.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"et131x-kernel-desktop586-latest-1.2.3-1.20081106.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"et131x-kernel-server-latest-1.2.3-1.20081106.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fcpci-kernel-2.6.27.4-desktop-2mnb-3.11.07-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fcpci-kernel-2.6.27.4-desktop586-2mnb-3.11.07-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fcpci-kernel-2.6.27.4-server-2mnb-3.11.07-7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fcpci-kernel-desktop-latest-3.11.07-1.20081106.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fcpci-kernel-desktop586-latest-3.11.07-1.20081106.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fcpci-kernel-server-latest-3.11.07-1.20081106.7mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"fglrx-kernel-2.6.27.4-desktop-2mnb-8.522-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fglrx-kernel-2.6.27.4-desktop586-2mnb-8.522-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"fglrx-kernel-2.6.27.4-server-2mnb-8.522-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"fglrx-kernel-desktop-latest-8.522-1.20081106.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"fglrx-kernel-desktop586-latest-8.522-1.20081106.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"fglrx-kernel-server-latest-8.522-1.20081106.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnbd-kernel-2.6.27.4-desktop-2mnb-2.03.07-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"gnbd-kernel-2.6.27.4-desktop586-2mnb-2.03.07-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnbd-kernel-2.6.27.4-server-2mnb-2.03.07-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnbd-kernel-desktop-latest-2.03.07-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"gnbd-kernel-desktop586-latest-2.03.07-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"gnbd-kernel-server-latest-2.03.07-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.27.4-desktop-2mnb-1.17-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.27.4-desktop586-2mnb-1.17-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hcfpcimodem-kernel-2.6.27.4-server-2mnb-1.17-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hcfpcimodem-kernel-desktop-latest-1.17-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hcfpcimodem-kernel-desktop586-latest-1.17-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hcfpcimodem-kernel-server-latest-1.17-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hsfmodem-kernel-2.6.27.4-desktop-2mnb-7.68.00.13-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hsfmodem-kernel-2.6.27.4-desktop586-2mnb-7.68.00.13-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hsfmodem-kernel-2.6.27.4-server-2mnb-7.68.00.13-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hsfmodem-kernel-desktop-latest-7.68.00.13-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hsfmodem-kernel-desktop586-latest-7.68.00.13-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hsfmodem-kernel-server-latest-7.68.00.13-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hso-kernel-2.6.27.4-desktop-2mnb-1.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hso-kernel-2.6.27.4-desktop586-2mnb-1.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hso-kernel-2.6.27.4-server-2mnb-1.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hso-kernel-desktop-latest-1.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"hso-kernel-desktop586-latest-1.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"hso-kernel-server-latest-1.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"iscsitarget-kernel-2.6.27.4-desktop-2mnb-0.4.16-4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"iscsitarget-kernel-2.6.27.4-desktop586-2mnb-0.4.16-4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"iscsitarget-kernel-2.6.27.4-server-2mnb-0.4.16-4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"iscsitarget-kernel-desktop-latest-0.4.16-1.20081106.4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"iscsitarget-kernel-desktop586-latest-0.4.16-1.20081106.4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"iscsitarget-kernel-server-latest-0.4.16-1.20081106.4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-desktop-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-desktop-devel-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-desktop-devel-latest-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-desktop-latest-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"kernel-desktop586-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"kernel-desktop586-devel-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"kernel-desktop586-devel-latest-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"kernel-desktop586-latest-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-doc-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-server-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-server-devel-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-server-devel-latest-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-server-latest-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-source-2.6.27.4-2mnb-1-1mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kernel-source-latest-2.6.27.4-2mnb2")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kqemu-kernel-2.6.27.4-desktop-2mnb-1.4.0pre1-0")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"kqemu-kernel-2.6.27.4-desktop586-2mnb-1.4.0pre1-0")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kqemu-kernel-2.6.27.4-server-2mnb-1.4.0pre1-0")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kqemu-kernel-desktop-latest-1.4.0pre1-1.20081106.0")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"kqemu-kernel-desktop586-latest-1.4.0pre1-1.20081106.0")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"kqemu-kernel-server-latest-1.4.0pre1-1.20081106.0")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lirc-kernel-2.6.27.4-desktop-2mnb-0.8.3-4.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"lirc-kernel-2.6.27.4-desktop586-2mnb-0.8.3-4.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lirc-kernel-2.6.27.4-server-2mnb-0.8.3-4.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lirc-kernel-desktop-latest-0.8.3-1.20081106.4.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"lirc-kernel-desktop586-latest-0.8.3-1.20081106.4.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lirc-kernel-server-latest-0.8.3-1.20081106.4.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lzma-kernel-2.6.27.4-desktop-2mnb-4.43-24mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"lzma-kernel-2.6.27.4-desktop586-2mnb-4.43-24mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lzma-kernel-2.6.27.4-server-2mnb-4.43-24mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lzma-kernel-desktop-latest-4.43-1.20081106.24mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"lzma-kernel-desktop586-latest-4.43-1.20081106.24mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"lzma-kernel-server-latest-4.43-1.20081106.24mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"madwifi-kernel-2.6.27.4-desktop-2mnb-0.9.4-3.r3835mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"madwifi-kernel-2.6.27.4-desktop586-2mnb-0.9.4-3.r3835mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"madwifi-kernel-2.6.27.4-server-2mnb-0.9.4-3.r3835mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"madwifi-kernel-desktop-latest-0.9.4-1.20081106.3.r3835mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"madwifi-kernel-desktop586-latest-0.9.4-1.20081106.3.r3835mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"madwifi-kernel-server-latest-0.9.4-1.20081106.3.r3835mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia-current-kernel-2.6.27.4-desktop-2mnb-177.70-2.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia-current-kernel-2.6.27.4-desktop586-2mnb-177.70-2.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia-current-kernel-2.6.27.4-server-2mnb-177.70-2.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia-current-kernel-desktop-latest-177.70-1.20081106.2.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia-current-kernel-desktop586-latest-177.70-1.20081106.2.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia-current-kernel-server-latest-177.70-1.20081106.2.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia173-kernel-2.6.27.4-desktop-2mnb-173.14.12-4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia173-kernel-2.6.27.4-desktop586-2mnb-173.14.12-4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"nvidia173-kernel-2.6.27.4-server-2mnb-173.14.12-4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia173-kernel-desktop-latest-173.14.12-1.20081106.4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia173-kernel-desktop586-latest-173.14.12-1.20081106.4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"nvidia173-kernel-server-latest-173.14.12-1.20081106.4mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia71xx-kernel-2.6.27.4-desktop-2mnb-71.86.06-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia71xx-kernel-2.6.27.4-desktop586-2mnb-71.86.06-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia71xx-kernel-2.6.27.4-server-2mnb-71.86.06-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia71xx-kernel-desktop-latest-71.86.06-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia71xx-kernel-desktop586-latest-71.86.06-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia71xx-kernel-server-latest-71.86.06-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia96xx-kernel-2.6.27.4-desktop-2mnb-96.43.07-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia96xx-kernel-2.6.27.4-desktop586-2mnb-96.43.07-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia96xx-kernel-2.6.27.4-server-2mnb-96.43.07-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia96xx-kernel-desktop-latest-96.43.07-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"nvidia96xx-kernel-desktop586-latest-96.43.07-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"nvidia96xx-kernel-server-latest-96.43.07-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omfs-kernel-2.6.27.4-desktop-2mnb-0.8.0-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"omfs-kernel-2.6.27.4-desktop586-2mnb-0.8.0-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omfs-kernel-2.6.27.4-server-2mnb-0.8.0-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omfs-kernel-desktop-latest-0.8.0-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"omfs-kernel-desktop586-latest-0.8.0-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omfs-kernel-server-latest-0.8.0-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omnibook-kernel-2.6.27.4-desktop-2mnb-20080513-0.274.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"omnibook-kernel-2.6.27.4-desktop586-2mnb-20080513-0.274.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omnibook-kernel-2.6.27.4-server-2mnb-20080513-0.274.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omnibook-kernel-desktop-latest-20080513-1.20081106.0.274.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"omnibook-kernel-desktop586-latest-20080513-1.20081106.0.274.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"omnibook-kernel-server-latest-20080513-1.20081106.0.274.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"opencbm-kernel-2.6.27.4-desktop-2mnb-0.4.2a-1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"opencbm-kernel-2.6.27.4-desktop586-2mnb-0.4.2a-1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"opencbm-kernel-2.6.27.4-server-2mnb-0.4.2a-1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"opencbm-kernel-desktop-latest-0.4.2a-1.20081106.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"opencbm-kernel-desktop586-latest-0.4.2a-1.20081106.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"opencbm-kernel-server-latest-0.4.2a-1.20081106.1mdv2008.1", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"ov51x-jpeg-kernel-2.6.27.4-desktop-2mnb-1.5.8-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"ov51x-jpeg-kernel-2.6.27.4-desktop586-2mnb-1.5.8-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"ov51x-jpeg-kernel-2.6.27.4-server-2mnb-1.5.8-1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"ov51x-jpeg-kernel-desktop-latest-1.5.8-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"ov51x-jpeg-kernel-desktop586-latest-1.5.8-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"ov51x-jpeg-kernel-server-latest-1.5.8-1.20081106.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"qc-usb-kernel-2.6.27.4-desktop-2mnb-0.6.6-6mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"qc-usb-kernel-2.6.27.4-desktop586-2mnb-0.6.6-6mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"qc-usb-kernel-2.6.27.4-server-2mnb-0.6.6-6mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"qc-usb-kernel-desktop-latest-0.6.6-1.20081106.6mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"qc-usb-kernel-desktop586-latest-0.6.6-1.20081106.6mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"qc-usb-kernel-server-latest-0.6.6-1.20081106.6mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2860-kernel-2.6.27.4-desktop-2mnb-1.7.0.0-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"rt2860-kernel-2.6.27.4-desktop586-2mnb-1.7.0.0-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2860-kernel-2.6.27.4-server-2mnb-1.7.0.0-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2860-kernel-desktop-latest-1.7.0.0-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"rt2860-kernel-desktop586-latest-1.7.0.0-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2860-kernel-server-latest-1.7.0.0-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2870-kernel-2.6.27.4-desktop-2mnb-1.3.1.0-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"rt2870-kernel-2.6.27.4-desktop586-2mnb-1.3.1.0-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2870-kernel-2.6.27.4-server-2mnb-1.3.1.0-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2870-kernel-desktop-latest-1.3.1.0-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"rt2870-kernel-desktop586-latest-1.3.1.0-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rt2870-kernel-server-latest-1.3.1.0-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rtl8187se-kernel-2.6.27.4-desktop-2mnb-1016.20080716-1.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"rtl8187se-kernel-2.6.27.4-desktop586-2mnb-1016.20080716-1.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rtl8187se-kernel-2.6.27.4-server-2mnb-1016.20080716-1.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rtl8187se-kernel-desktop-latest-1016.20080716-1.20081106.1.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"rtl8187se-kernel-desktop586-latest-1016.20080716-1.20081106.1.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"rtl8187se-kernel-server-latest-1016.20080716-1.20081106.1.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"slmodem-kernel-2.6.27.4-desktop-2mnb-2.9.11-0.20080817.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"slmodem-kernel-2.6.27.4-desktop586-2mnb-2.9.11-0.20080817.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"slmodem-kernel-2.6.27.4-server-2mnb-2.9.11-0.20080817.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"slmodem-kernel-desktop-latest-2.9.11-1.20081106.0.20080817.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"slmodem-kernel-desktop586-latest-2.9.11-1.20081106.0.20080817.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"slmodem-kernel-server-latest-2.9.11-1.20081106.0.20080817.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"squashfs-lzma-kernel-2.6.27.4-desktop-2mnb-3.3-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"squashfs-lzma-kernel-2.6.27.4-desktop586-2mnb-3.3-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"squashfs-lzma-kernel-2.6.27.4-server-2mnb-3.3-5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"squashfs-lzma-kernel-desktop-latest-3.3-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"squashfs-lzma-kernel-desktop586-latest-3.3-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"squashfs-lzma-kernel-server-latest-3.3-1.20081106.5mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"tp_smapi-kernel-2.6.27.4-desktop-2mnb-0.37-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"tp_smapi-kernel-2.6.27.4-desktop586-2mnb-0.37-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"tp_smapi-kernel-2.6.27.4-server-2mnb-0.37-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"tp_smapi-kernel-desktop-latest-0.37-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"tp_smapi-kernel-desktop586-latest-0.37-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"tp_smapi-kernel-server-latest-0.37-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxadd-kernel-2.6.27.4-desktop-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vboxadd-kernel-2.6.27.4-desktop586-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxadd-kernel-2.6.27.4-server-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxadd-kernel-desktop-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vboxadd-kernel-desktop586-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxadd-kernel-server-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxvfs-kernel-2.6.27.4-desktop-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vboxvfs-kernel-2.6.27.4-desktop586-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxvfs-kernel-2.6.27.4-server-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxvfs-kernel-desktop-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vboxvfs-kernel-desktop586-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vboxvfs-kernel-server-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vhba-kernel-2.6.27.4-desktop-2mnb-1.0.0-1.svn304.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vhba-kernel-2.6.27.4-desktop586-2mnb-1.0.0-1.svn304.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vhba-kernel-2.6.27.4-server-2mnb-1.0.0-1.svn304.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vhba-kernel-desktop-latest-1.0.0-1.20081106.1.svn304.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vhba-kernel-desktop586-latest-1.0.0-1.20081106.1.svn304.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vhba-kernel-server-latest-1.0.0-1.20081106.1.svn304.1mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"virtualbox-kernel-2.6.27.4-desktop-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"virtualbox-kernel-2.6.27.4-desktop586-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"virtualbox-kernel-2.6.27.4-server-2mnb-2.0.2-2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"virtualbox-kernel-desktop-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"virtualbox-kernel-desktop586-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"virtualbox-kernel-server-latest-2.0.2-1.20081106.2mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vpnclient-kernel-2.6.27.4-desktop-2mnb-4.8.01.0640-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vpnclient-kernel-2.6.27.4-desktop586-2mnb-4.8.01.0640-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vpnclient-kernel-2.6.27.4-server-2mnb-4.8.01.0640-3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vpnclient-kernel-desktop-latest-4.8.01.0640-1.20081106.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"vpnclient-kernel-desktop586-latest-4.8.01.0640-1.20081106.3mdv2009.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2009.0", reference:"vpnclient-kernel-server-latest-4.8.01.0640-1.20081106.3mdv2009.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2008-1017.NASL
    descriptionUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. * Olaf Kirch reported a flaw in the i915 kernel driver. This flaw could, potentially, lead to local privilege escalation. Note: the flaw only affects systems based on the Intel G33 Express Chipset and newer. (CVE-2008-3831, Important) * Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important) * a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important) In addition, these updated packages fix the following bugs : * on Itanium(r) systems, when a multithreaded program was traced using the command
    last seen2020-06-01
    modified2020-06-02
    plugin id35179
    published2008-12-16
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35179
    titleRHEL 5 : kernel (RHSA-2008:1017)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:1017. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35179);
      script_version ("1.30");
      script_cvs_date("Date: 2019/10/25 13:36:13");
    
      script_cve_id("CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576");
      script_bugtraq_id(31634, 31792, 31903);
      script_xref(name:"RHSA", value:"2008:1017");
    
      script_name(english:"RHEL 5 : kernel (RHSA-2008:1017)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that resolve several security issues and fix
    various bugs are now available for Red Hat Enterprise Linux 5.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    * Olaf Kirch reported a flaw in the i915 kernel driver. This flaw
    could, potentially, lead to local privilege escalation. Note: the flaw
    only affects systems based on the Intel G33 Express Chipset and newer.
    (CVE-2008-3831, Important)
    
    * Miklos Szeredi reported a missing check for files opened with
    O_APPEND in the sys_splice(). This could allow a local, unprivileged
    user to bypass the append-only file restrictions. (CVE-2008-4554,
    Important)
    
    * a deficiency was found in the Linux kernel Stream Control
    Transmission Protocol (SCTP) implementation. This could lead to a
    possible denial of service if one end of a SCTP connection did not
    support the AUTH extension. (CVE-2008-4576, Important)
    
    In addition, these updated packages fix the following bugs :
    
    * on Itanium(r) systems, when a multithreaded program was traced using
    the command 'strace -f', messages such as
    
    PANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740
    leader 10721 ...
    
    will be displayed, and after which the trace would stop. With these
    updated packages, 'strace -f' command no longer results in these error
    messages, and strace terminates normally after tracing all threads.
    
    * on big-endian systems such as PowerPC, the getsockopt() function
    incorrectly returned 0 depending on the parameters passed to it when
    the time to live (TTL) value equaled 255.
    
    * when using an NFSv4 file system, accessing the same file with two
    separate processes simultaneously resulted in the NFS client process
    becoming unresponsive.
    
    * on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall
    correctly returned '-1' in code compiled on Red Hat Enterprise Linux
    5, the same code, when run with the strace utility, would incorrectly
    return an invalid return value. This has been fixed: on AMD64 and
    Intel(r) 64 hypervisor-enabled systems, syscalls in compiled code
    return the same, correct values as syscalls run with strace.
    
    * on the Itanium(r) architecture, fully-virtualized guest domains
    created using more than 64 GB of memory caused other guest domains not
    to receive interrupts. This caused soft lockups on other guests. All
    guest domains are now able to receive interrupts regardless of their
    allotted memory.
    
    * when user-space used SIGIO notification, which was not disabled
    before closing a file descriptor and was then re-enabled in a
    different process, an attempt by the kernel to dereference a stale
    pointer led to a kernel crash. With this fix, such a situation no
    longer causes a kernel crash.
    
    * modifications to certain pages made through a memory-mapped region
    could have been lost in cases when the NFS client needed to invalidate
    the page cache for that particular memory-mapped file.
    
    * fully-virtualized Windows(r) guests became unresponsive due to the
    vIOSAPIC component being multiprocessor-unsafe. With this fix,
    vIOSAPIC is multiprocessor-safe and Windows guests do not become
    unresponsive.
    
    * on certain systems, keyboard controllers could not withstand
    continuous requests to switch keyboard LEDs on or off. This resulted
    in some or all key presses not being registered by the system.
    
    * on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl
    parameter caused a kernel stack overflow resulting in a kernel panic,
    and possibly stack corruption. With this fix, setting vm.nr_hugepages
    works correctly.
    
    * hugepages allow the Linux kernel to utilize the multiple page size
    capabilities of modern hardware architectures. In certain
    configurations, systems with large amounts of memory could fail to
    allocate most of this memory for hugepages even if it was free. This
    could result, for example, in database restart failures.
    
    Users should upgrade to these updated packages, which contain
    backported patches to correct these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-3831"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-4554"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2008-4576"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2008:1017"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(264, 287, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/10/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/12/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/16");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2008:1017");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2008:1017";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-PAE-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-debug-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-debug-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-debug-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", reference:"kernel-doc-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"kernel-headers-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-headers-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-headers-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"s390x", reference:"kernel-kdump-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i686", reference:"kernel-xen-devel-2.6.18-92.1.22.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"kernel-xen-devel-2.6.18-92.1.22.el5")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc");
      }
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2008-1017.NASL
    descriptionUpdated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. * Olaf Kirch reported a flaw in the i915 kernel driver. This flaw could, potentially, lead to local privilege escalation. Note: the flaw only affects systems based on the Intel G33 Express Chipset and newer. (CVE-2008-3831, Important) * Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important) * a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important) In addition, these updated packages fix the following bugs : * on Itanium(r) systems, when a multithreaded program was traced using the command
    last seen2020-06-01
    modified2020-06-02
    plugin id43719
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43719
    titleCentOS 5 : kernel (CESA-2008:1017)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2008:1017 and 
    # CentOS Errata and Security Advisory 2008:1017 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43719);
      script_version("1.17");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576");
      script_bugtraq_id(31634, 31792, 31903);
      script_xref(name:"RHSA", value:"2008:1017");
    
      script_name(english:"CentOS 5 : kernel (CESA-2008:1017)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kernel packages that resolve several security issues and fix
    various bugs are now available for Red Hat Enterprise Linux 5.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    * Olaf Kirch reported a flaw in the i915 kernel driver. This flaw
    could, potentially, lead to local privilege escalation. Note: the flaw
    only affects systems based on the Intel G33 Express Chipset and newer.
    (CVE-2008-3831, Important)
    
    * Miklos Szeredi reported a missing check for files opened with
    O_APPEND in the sys_splice(). This could allow a local, unprivileged
    user to bypass the append-only file restrictions. (CVE-2008-4554,
    Important)
    
    * a deficiency was found in the Linux kernel Stream Control
    Transmission Protocol (SCTP) implementation. This could lead to a
    possible denial of service if one end of a SCTP connection did not
    support the AUTH extension. (CVE-2008-4576, Important)
    
    In addition, these updated packages fix the following bugs :
    
    * on Itanium(r) systems, when a multithreaded program was traced using
    the command 'strace -f', messages such as
    
    PANIC: attached pid 10740 exited PANIC: handle_group_exit: 10740
    leader 10721 ...
    
    will be displayed, and after which the trace would stop. With these
    updated packages, 'strace -f' command no longer results in these error
    messages, and strace terminates normally after tracing all threads.
    
    * on big-endian systems such as PowerPC, the getsockopt() function
    incorrectly returned 0 depending on the parameters passed to it when
    the time to live (TTL) value equaled 255.
    
    * when using an NFSv4 file system, accessing the same file with two
    separate processes simultaneously resulted in the NFS client process
    becoming unresponsive.
    
    * on AMD64 and Intel(r) 64 hypervisor-enabled systems, when a syscall
    correctly returned '-1' in code compiled on Red Hat Enterprise Linux
    5, the same code, when run with the strace utility, would incorrectly
    return an invalid return value. This has been fixed: on AMD64 and
    Intel(r) 64 hypervisor-enabled systems, syscalls in compiled code
    return the same, correct values as syscalls run with strace.
    
    * on the Itanium(r) architecture, fully-virtualized guest domains
    created using more than 64 GB of memory caused other guest domains not
    to receive interrupts. This caused soft lockups on other guests. All
    guest domains are now able to receive interrupts regardless of their
    allotted memory.
    
    * when user-space used SIGIO notification, which was not disabled
    before closing a file descriptor and was then re-enabled in a
    different process, an attempt by the kernel to dereference a stale
    pointer led to a kernel crash. With this fix, such a situation no
    longer causes a kernel crash.
    
    * modifications to certain pages made through a memory-mapped region
    could have been lost in cases when the NFS client needed to invalidate
    the page cache for that particular memory-mapped file.
    
    * fully-virtualized Windows(r) guests became unresponsive due to the
    vIOSAPIC component being multiprocessor-unsafe. With this fix,
    vIOSAPIC is multiprocessor-safe and Windows guests do not become
    unresponsive.
    
    * on certain systems, keyboard controllers could not withstand
    continuous requests to switch keyboard LEDs on or off. This resulted
    in some or all key presses not being registered by the system.
    
    * on the Itanium(r) architecture, setting the 'vm.nr_hugepages' sysctl
    parameter caused a kernel stack overflow resulting in a kernel panic,
    and possibly stack corruption. With this fix, setting vm.nr_hugepages
    works correctly.
    
    * hugepages allow the Linux kernel to utilize the multiple page size
    capabilities of modern hardware architectures. In certain
    configurations, systems with large amounts of memory could fail to
    allocate most of this memory for hugepages even if it was free. This
    could result, for example, in database restart failures.
    
    Users should upgrade to these updated packages, which contain
    backported patches to correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-December/015497.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?22cb3c6b"
      );
      # https://lists.centos.org/pipermail/centos-announce/2008-December/015498.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9a791612"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected kernel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(264, 287, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-PAE");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-PAE-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kernel-xen-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/10/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/12/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-5", reference:"kernel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", cpu:"i386", reference:"kernel-PAE-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-debug-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-debug-devel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-devel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-doc-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-headers-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-xen-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kernel-xen-devel-2.6.18-92.1.22.el5")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc");
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20081216_KERNEL_ON_SL5_X.NASL
    description - Olaf Kirch reported a flaw in the i915 kernel driver that only affects the Intel G33 series and newer. This flaw could, potentially, lead to local privilege escalation. (CVE-2008-3831, Important) - Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important) - a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important) In addition, these updated packages fix the following bugs : - on Itanium&reg; systems, when a multithreaded program was traced using the command
    last seen2020-06-01
    modified2020-06-02
    plugin id60508
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60508
    titleScientific Linux Security Update : kernel on SL5.x i386/x86_64
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(60508);
      script_version("1.6");
      script_cvs_date("Date: 2019/10/25 13:36:18");
    
      script_cve_id("CVE-2008-3831", "CVE-2008-4554", "CVE-2008-4576");
    
      script_name(english:"Scientific Linux Security Update : kernel on SL5.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Olaf Kirch reported a flaw in the i915 kernel driver
        that only affects the Intel G33 series and newer. This
        flaw could, potentially, lead to local privilege
        escalation. (CVE-2008-3831, Important)
    
      - Miklos Szeredi reported a missing check for files opened
        with O_APPEND in the sys_splice(). This could allow a
        local, unprivileged user to bypass the append-only file
        restrictions. (CVE-2008-4554, Important)
    
      - a deficiency was found in the Linux kernel Stream
        Control Transmission Protocol (SCTP) implementation.
        This could lead to a possible denial of service if one
        end of a SCTP connection did not support the AUTH
        extension. (CVE-2008-4576, Important)
    
    In addition, these updated packages fix the following bugs :
    
      - on Itanium&reg; systems, when a multithreaded program
        was traced using the command 'strace -f', messages
        similar to the following ones were displayed, after
        which the trace would stop :
    
        PANIC: attached pid 10740 exited PANIC:
        handle_group_exit: 10740 leader 10721 PANIC: attached
        pid 10739 exited PANIC: handle_group_exit: 10739 leader
        10721 ...
    
    In these updated packages, tracing a multithreaded program using the
    'strace -f' command no longer results in these error messages, and
    strace terminates normally after tracing all threads.
    
      - on big-endian systems such as PowerPC, the getsockopt()
        function incorrectly returned 0 depending on the
        parameters passed to it when the time to live (TTL)
        value equaled 255.
    
      - when using an NFSv4 file system, accessing the same file
        with two separate processes simultaneously resulted in
        the NFS client process becoming unresponsive.
    
      - on AMD64 and Intel&reg; 64 hypervisor-enabled systems,
        in cases in which a syscall correctly returned '-1' in
        code compiled on Red Hat Enterprise Linux 5, the same
        code, when run with the strace utility, would
        incorrectly return an invalid return value. This has
        been fixed so that on AMD64 and Intel&reg; 64
        hypervisor-enabled systems, syscalls in compiled code
        return the same, correct values as syscalls do when run
        with strace.
    
      - on the Itanium&reg; architecture, fully-virtualized
        guest domains which were created using more than 64 GB
        of memory caused other guest domains not to receive
        interrupts, which caused a soft lockup on other guests.
        All guest domains are now able to receive interrupts
        regardless of their allotted memory.
    
      - when user-space used SIGIO notification, which wasn't
        disabled before closing a file descriptor, and was then
        re-enabled in a different process, an attempt by the
        kernel to dereference a stale pointer led to a kernel
        crash. With this fix, such a situation no longer causes
        a kernel crash.
    
      - modifications to certain pages made through a
        memory-mapped region could have been lost in cases when
        the NFS client needed to invalidate the page cache for
        that particular memory-mapped file.
    
      - fully-virtualized Windows guests became unresponsive due
        to the vIOSAPIC component being multiprocessor-unsafe.
        With this fix, vIOSAPIC is multiprocessor-safe and
        Windows guests do not become unresponsive.
    
      - on certain systems, keyboard controllers were not able
        to withstand a continuous flow of requests to switch
        keyboard LEDs on or off, which resulted in some or all
        key presses not being registered by the system.
    
      - on the Itanium&reg; architecture, setting the
        'vm.nr_hugepages' sysctl parameter caused a kernel stack
        overflow resulting in a kernel panic, and possibly stack
        corruption. With this fix, setting vm.nr_hugepages works
        correctly.
    
      - hugepages allow the Linux kernel to utilize the multiple
        page size capabilities of modern hardware architectures.
        In certain configurations, systems with large amounts of
        memory could fail to allocate most of memory for
        hugepages even if it was free, which could have
        resulted, for example, in database restart failures."
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0812&L=scientific-linux-errata&T=0&P=1388
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?0b5551e4"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
      script_cwe_id(264, 287, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/10/15");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/12/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL5", reference:"kernel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", cpu:"i386", reference:"kernel-PAE-devel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-debug-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-debug-devel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-devel-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-doc-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-headers-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-xen-2.6.18-92.1.22.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kernel-xen-devel-2.6.18-92.1.22.el5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1681.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3528 Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. - CVE-2008-4554 Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. - CVE-2008-4576 Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. - CVE-2008-4618 Wei Yongjun reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel panic. - CVE-2008-4933 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. - CVE-2008-4934 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. - CVE-2008-5025 Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. - CVE-2008-5029 Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. - CVE-2008-5134 Johannes Berg reported a remote DoS issue in the libertas wireless driver, which can be triggered by a specially crafted beacon/probe response. - CVE-2008-5182 Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. - CVE-2008-5300 Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
    last seen2020-06-01
    modified2020-06-02
    plugin id35036
    published2008-12-05
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35036
    titleDebian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1681. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35036);
      script_version("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:21");
    
      script_cve_id("CVE-2008-3528", "CVE-2008-4554", "CVE-2008-4576", "CVE-2008-4618", "CVE-2008-4933", "CVE-2008-4934", "CVE-2008-5025", "CVE-2008-5029", "CVE-2008-5134", "CVE-2008-5182", "CVE-2008-5300");
      script_bugtraq_id(31634, 31903, 32093, 32154, 32289);
      script_xref(name:"DSA", value:"1681");
    
      script_name(english:"Debian DSA-1681-1 : linux-2.6.24 - denial of service/privilege escalation");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service or privilege escalation. The Common
    Vulnerabilities and Exposures project identifies the following
    problems :
    
      - CVE-2008-3528
        Eugene Teo reported a local DoS issue in the ext2 and
        ext3 filesystems. Local users who have been granted the
        privileges necessary to mount a filesystem would be able
        to craft a corrupted filesystem that causes the kernel
        to output error messages in an infinite loop.
    
      - CVE-2008-4554
        Milos Szeredi reported that the usage of splice() on
        files opened with O_APPEND allows users to write to the
        file at arbitrary offsets, enabling a bypass of possible
        assumed semantics of the O_APPEND flag.
    
      - CVE-2008-4576
        Vlad Yasevich reported an issue in the SCTP subsystem
        that may allow remote users to cause a local DoS by
        triggering a kernel oops.
    
      - CVE-2008-4618
        Wei Yongjun reported an issue in the SCTP subsystem that
        may allow remote users to cause a local DoS by
        triggering a kernel panic.
    
      - CVE-2008-4933
        Eric Sesterhenn reported a local DoS issue in the
        hfsplus filesystem. Local users who have been granted
        the privileges necessary to mount a filesystem would be
        able to craft a corrupted filesystem that causes the
        kernel to overrun a buffer, resulting in a system oops
        or memory corruption.
    
      - CVE-2008-4934
        Eric Sesterhenn reported a local DoS issue in the
        hfsplus filesystem. Local users who have been granted
        the privileges necessary to mount a filesystem would be
        able to craft a corrupted filesystem that results in a
        kernel oops due to an unchecked return value.
    
      - CVE-2008-5025
        Eric Sesterhenn reported a local DoS issue in the hfs
        filesystem. Local users who have been granted the
        privileges necessary to mount a filesystem would be able
        to craft a filesystem with a corrupted catalog name
        length, resulting in a system oops or memory corruption.
    
      - CVE-2008-5029
        Andrea Bittau reported a DoS issue in the unix socket
        subsystem that allows a local user to cause memory
        corruption, resulting in a kernel panic.
    
      - CVE-2008-5134
        Johannes Berg reported a remote DoS issue in the
        libertas wireless driver, which can be triggered by a
        specially crafted beacon/probe response.
    
      - CVE-2008-5182
        Al Viro reported race conditions in the inotify
        subsystem that may allow local users to acquire elevated
        privileges.
    
      - CVE-2008-5300
        Dann Frazier reported a DoS condition that allows local
        users to cause the out of memory handler to kill off
        privileged processes or trigger soft lockups due to a
        starvation issue in the unix socket subsystem."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-3528"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-4554"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-4576"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-4618"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-4933"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-4934"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5025"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5029"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5134"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5182"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5300"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2008/dsa-1681"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the linux-2.6.24 packages.
    
    For the stable distribution (etch), these problems have been fixed in
    version 2.6.24-6~etchnhalf.7."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(20, 119, 264, 287, 362, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-2.6.24");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/09/27");
      script_set_attribute(attribute:"patch_publication_date", value:"2008/12/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/05");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"4.0", prefix:"linux-doc-2.6.24", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-486", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-4kc-malta", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-5kc-malta", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-686", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-686-bigmem", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-alpha", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-amd64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-arm", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-hppa", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-i386", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-ia64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-mips", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-mipsel", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-powerpc", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-s390", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-all-sparc", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-alpha-generic", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-alpha-legacy", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-alpha-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-amd64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-common", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-footbridge", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-iop32x", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-itanium", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-ixp4xx", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-mckinley", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-parisc", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-parisc-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-parisc64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-parisc64-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-powerpc", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-powerpc-miboot", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-powerpc-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-powerpc64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-r4k-ip22", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-r5k-cobalt", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-r5k-ip32", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-s390", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-s390x", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-sb1-bcm91250a", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-sb1a-bcm91480b", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-sparc64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-headers-2.6.24-etchnhalf.1-sparc64-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-486", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-4kc-malta", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-5kc-malta", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-686", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-686-bigmem", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-alpha-generic", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-alpha-legacy", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-alpha-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-amd64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-footbridge", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-iop32x", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-itanium", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-ixp4xx", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-mckinley", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-parisc", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-parisc-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-parisc64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-parisc64-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-powerpc", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-powerpc-miboot", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-powerpc-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-powerpc64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-r4k-ip22", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-r5k-cobalt", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-r5k-ip32", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-s390", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-s390-tape", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-s390x", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-sb1-bcm91250a", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-sb1a-bcm91480b", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-sparc64", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-image-2.6.24-etchnhalf.1-sparc64-smp", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-manual-2.6.24", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-patch-debian-2.6.24", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-source-2.6.24", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-support-2.6.24-etchnhalf.1", reference:"2.6.24-6~etchnhalf.7")) flag++;
    if (deb_check(release:"4.0", prefix:"linux-tree-2.6.24", reference:"2.6.24-6~etchnhalf.7")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2008-1017.NASL
    descriptionFrom Red Hat Security Advisory 2008:1017 : Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux operating system. * Olaf Kirch reported a flaw in the i915 kernel driver. This flaw could, potentially, lead to local privilege escalation. Note: the flaw only affects systems based on the Intel G33 Express Chipset and newer. (CVE-2008-3831, Important) * Miklos Szeredi reported a missing check for files opened with O_APPEND in the sys_splice(). This could allow a local, unprivileged user to bypass the append-only file restrictions. (CVE-2008-4554, Important) * a deficiency was found in the Linux kernel Stream Control Transmission Protocol (SCTP) implementation. This could lead to a possible denial of service if one end of a SCTP connection did not support the AUTH extension. (CVE-2008-4576, Important) In addition, these updated packages fix the following bugs : * on Itanium(r) systems, when a multithreaded program was traced using the command
    last seen2020-06-01
    modified2020-06-02
    plugin id67772
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67772
    titleOracle Linux 5 : kernel (ELSA-2008-1017)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-8980.NASL
    descriptionUpdate kernel from version 2.6.26.5 to 2.6.26.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6 CVE-2008-3831 An IOCTL in the i915 driver was not properly restricted to users with the proper capabilities to use it. CVE-2008-4410 The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247. CVE-2008-3525 The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. CVE-2008-4554 The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. CVE-2008-4576 sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires. Also fixes these bugs reported against Fedora 9: 465873 - kernel build-id note corruption 466303 - IPSec kernel lockup. 464613 - 11143 unconditional linker option arch/powerpc/lib/crtsavres.o causes external module buildfailure 463034 - [sata_nv swncq] kernel 2.6.26.3-29 raid errors:
    last seen2020-06-01
    modified2020-06-02
    plugin id34481
    published2008-10-24
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34481
    titleFedora 8 : kernel-2.6.26.6-49.fc8 (2008-8980)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-679-1.NASL
    descriptionIt was discovered that the Xen hypervisor block driver did not correctly validate requests. A user with root privileges in a guest OS could make a malicious IO request with a large number of blocks that would crash the host OS, leading to a denial of service. This only affected Ubuntu 7.10. (CVE-2007-5498) It was discovered the the i915 video driver did not correctly validate memory addresses. A local attacker could exploit this to remap memory that could cause a system crash, leading to a denial of service. This issue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu 7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as well. (CVE-2008-3831) David Watson discovered that the kernel did not correctly strip permissions when creating files in setgid directories. A local user could exploit this to gain additional group privileges. This issue only affected Ubuntu 6.06. (CVE-2008-4210) Olaf Kirch and Miklos Szeredi discovered that the Linux kernel did not correctly reject the
    last seen2020-06-01
    modified2020-06-02
    plugin id37683
    published2009-04-23
    reporterUbuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37683
    titleUbuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.15/22 vulnerabilities (USN-679-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_KERNEL-6274.NASL
    descriptionThis kernel update for openSUSE 10.3 fixes some bugs and several security problems. The following security issues are fixed: A local denial of service problem in the splice(2) system call. CVE-2009-0834: The audit_syscall_entry function in the Linux kernel on the x86_64 platform did not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls. CVE-2009-1072: nfsd in the Linux kernel did not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. CVE-2009-0835 The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod. CVE-2009-1439: Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) or potential code execution via a long nativeFileSystem field in a Tree Connect response to an SMB mount request. This requires that kernel can be made to mount a
    last seen2020-06-01
    modified2020-06-02
    plugin id39335
    published2009-06-09
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39335
    titleopenSUSE 10 Security Update : kernel (kernel-6274)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-8929.NASL
    descriptionUpdate kernel from version 2.6.26.5 to 2.6.26.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.6 CVE-2008-3831 An IOCTL in the i915 driver was not properly restricted to users with the proper capabilities to use it. CVE-2008-4410 The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function calls, related to the Java Runtime Environment (JRE) experiencing improper LDT selector state, a different vulnerability than CVE-2008-3247. CVE-2008-3525 The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMANSIPATE ioctl request, which allows local users to bypass intended capability restrictions. CVE-2008-4554 The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file. CVE-2008-4576 sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the OOPS when the T1-Init timer expires. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34480
    published2008-10-24
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34480
    titleFedora 9 : kernel-2.6.26.6-79.fc9 (2008-8929)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1687.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3527 Tavis Ormandy reported a local DoS and potential privilege escalation in the Virtual Dynamic Shared Objects (vDSO) implementation. - CVE-2008-3528 Eugene Teo reported a local DoS issue in the ext2 and ext3 filesystems. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to output error messages in an infinite loop. - CVE-2008-4554 Milos Szeredi reported that the usage of splice() on files opened with O_APPEND allows users to write to the file at arbitrary offsets, enabling a bypass of possible assumed semantics of the O_APPEND flag. - CVE-2008-4576 Vlad Yasevich reported an issue in the SCTP subsystem that may allow remote users to cause a local DoS by triggering a kernel oops. - CVE-2008-4933 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that causes the kernel to overrun a buffer, resulting in a system oops or memory corruption. - CVE-2008-4934 Eric Sesterhenn reported a local DoS issue in the hfsplus filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a corrupted filesystem that results in a kernel oops due to an unchecked return value. - CVE-2008-5025 Eric Sesterhenn reported a local DoS issue in the hfs filesystem. Local users who have been granted the privileges necessary to mount a filesystem would be able to craft a filesystem with a corrupted catalog name length, resulting in a system oops or memory corruption. - CVE-2008-5029 Andrea Bittau reported a DoS issue in the unix socket subsystem that allows a local user to cause memory corruption, resulting in a kernel panic. - CVE-2008-5079 Hugo Dias reported a DoS condition in the ATM subsystem that can be triggered by a local user by calling the svc_listen function twice on the same socket and reading /proc/net/atm/*vc. - CVE-2008-5182 Al Viro reported race conditions in the inotify subsystem that may allow local users to acquire elevated privileges. - CVE-2008-5300 Dann Frazier reported a DoS condition that allows local users to cause the out of memory handler to kill off privileged processes or trigger soft lockups due to a starvation issue in the unix socket subsystem.
    last seen2020-06-01
    modified2020-06-02
    plugin id35174
    published2008-12-16
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35174
    titleDebian DSA-1687-1 : linux-2.6 - denial of service/privilege escalation

Oval

accepted2013-04-29T04:11:48.700-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionThe do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.
familyunix
idoval:org.mitre.oval:def:11142
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleThe do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.
version18

Redhat

advisories
  • rhsa
    idRHSA-2008:1017
  • rhsa
    idRHSA-2009:0009
rpms
  • kernel-0:2.6.18-92.1.22.el5
  • kernel-PAE-0:2.6.18-92.1.22.el5
  • kernel-PAE-debuginfo-0:2.6.18-92.1.22.el5
  • kernel-PAE-devel-0:2.6.18-92.1.22.el5
  • kernel-debug-0:2.6.18-92.1.22.el5
  • kernel-debug-debuginfo-0:2.6.18-92.1.22.el5
  • kernel-debug-devel-0:2.6.18-92.1.22.el5
  • kernel-debuginfo-0:2.6.18-92.1.22.el5
  • kernel-debuginfo-common-0:2.6.18-92.1.22.el5
  • kernel-devel-0:2.6.18-92.1.22.el5
  • kernel-doc-0:2.6.18-92.1.22.el5
  • kernel-headers-0:2.6.18-92.1.22.el5
  • kernel-kdump-0:2.6.18-92.1.22.el5
  • kernel-kdump-debuginfo-0:2.6.18-92.1.22.el5
  • kernel-kdump-devel-0:2.6.18-92.1.22.el5
  • kernel-xen-0:2.6.18-92.1.22.el5
  • kernel-xen-debuginfo-0:2.6.18-92.1.22.el5
  • kernel-xen-devel-0:2.6.18-92.1.22.el5
  • kernel-rt-0:2.6.24.7-93.el5rt
  • kernel-rt-debug-0:2.6.24.7-93.el5rt
  • kernel-rt-debug-debuginfo-0:2.6.24.7-93.el5rt
  • kernel-rt-debug-devel-0:2.6.24.7-93.el5rt
  • kernel-rt-debuginfo-0:2.6.24.7-93.el5rt
  • kernel-rt-debuginfo-common-0:2.6.24.7-93.el5rt
  • kernel-rt-devel-0:2.6.24.7-93.el5rt
  • kernel-rt-doc-0:2.6.24.7-93.el5rt
  • kernel-rt-trace-0:2.6.24.7-93.el5rt
  • kernel-rt-trace-debuginfo-0:2.6.24.7-93.el5rt
  • kernel-rt-trace-devel-0:2.6.24.7-93.el5rt
  • kernel-rt-vanilla-0:2.6.24.7-93.el5rt
  • kernel-rt-vanilla-debuginfo-0:2.6.24.7-93.el5rt
  • kernel-rt-vanilla-devel-0:2.6.24.7-93.el5rt

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 31903 CVE ID:CVE-2008-4554 CNCVE ID:CNCVE-20084554 Linux是一款开放源代码的操作系统。 Linux在执行部分文件操作时'do_splice_from()'函数不正确拒绝文件描述符,本地攻击者可以利用漏洞绕过本地安全限制。 攻击者可以绕过append-only限制,破坏系统文件。 RedHat Fedora 9 0 RedHat Fedora 8 0 Linux kernel 2.6.26 4 Linux kernel 2.6.26 3 Linux kernel 2.6.26 .6 Linux kernel 2.6.26 -rc6 Linux kernel 2.6.25 .9 Linux kernel 2.6.25 .8 Linux kernel 2.6.25 .7 Linux kernel 2.6.25 .6 Linux kernel 2.6.25 .5 Linux kernel 2.6.25 .15 Linux kernel 2.6.25 .13 Linux kernel 2.6.25 .12 Linux kernel 2.6.25 .11 Linux kernel 2.6.25 .10 Linux kernel 2.6.25 Linux kernel 2.6.24 .2 Linux kernel 2.6.24 .1 Linux kernel 2.6.24 -rc5 Linux kernel 2.6.24 -rc4 Linux kernel 2.6.24 -rc3 Linux kernel 2.6.23 .7 Linux kernel 2.6.23 .6 Linux kernel 2.6.23 .5 Linux kernel 2.6.23 .4 Linux kernel 2.6.23 .3 Linux kernel 2.6.23 .2 Linux kernel 2.6.23 -rc2 Linux kernel 2.6.23 -rc1 Linux kernel 2.6.23 Linux kernel 2.6.22 7 Linux kernel 2.6.22 1 Linux kernel 2.6.22 .8 Linux kernel 2.6.22 .6 Linux kernel 2.6.22 .5 Linux kernel 2.6.22 .4 Linux kernel 2.6.22 .3 Linux kernel 2.6.22 .17 Linux kernel 2.6.22 .16 Linux kernel 2.6.22 .15 Linux kernel 2.6.22 .14 Linux kernel 2.6.22 .13 Linux kernel 2.6.22 .12 Linux kernel 2.6.22 .11 Linux kernel 2.6.22 Linux kernel 2.6.21 4 Linux kernel 2.6.21 .7 Linux kernel 2.6.21 .6 Linux kernel 2.6.21 .2 Linux kernel 2.6.21 .1 Linux kernel 2.6.21 Linux kernel 2.6.20 .9 Linux kernel 2.6.20 .8 Linux kernel 2.6.20 .5 Linux kernel 2.6.20 .4 Linux kernel 2.6.20 .15 Linux kernel 2.6.20 Linux kernel 2.6.19 1 Linux kernel 2.6.19 .2 Linux kernel 2.6.19 .1 Linux kernel 2.6.19 -rc4 Linux kernel 2.6.19 -rc3 Linux kernel 2.6.19 -rc2 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.19 -rc1 Linux kernel 2.6.19 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.18 .4 Linux kernel 2.6.18 .3 Linux kernel 2.6.18 .1 Linux kernel 2.6.18 Linux kernel 2.6.17 .8 Linux kernel 2.6.17 .7 Linux kernel 2.6.17 .6 Linux kernel 2.6.17 .5 Linux kernel 2.6.17 .3 Linux kernel 2.6.17 .2 Linux kernel 2.6.17 .14 Linux kernel 2.6.17 .13 Linux kernel 2.6.17 .12 Linux kernel 2.6.17 .11 Linux kernel 2.6.17 .10 Linux kernel 2.6.17 .1 Linux kernel 2.6.17 -rc5 Linux kernel 2.6.17 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.16 27 Linux kernel 2.6.16 13 Linux kernel 2.6.16 .9 Linux kernel 2.6.16 .7 Linux kernel 2.6.16 .23 Linux kernel 2.6.16 .19 Linux kernel 2.6.16 .12 Linux kernel 2.6.16 .11 Linux kernel 2.6.16 .1 Linux kernel 2.6.16 -rc1 Linux kernel 2.6.16 Linux kernel 2.6.15 .4 Linux kernel 2.6.15 .3 Linux kernel 2.6.15 .2 Linux kernel 2.6.15 .1 Linux kernel 2.6.15 -rc3 Linux kernel 2.6.15 -rc2 Linux kernel 2.6.15 -rc1 Linux kernel 2.6.15 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 Linux kernel 2.6.15 Linux kernel 2.6.2 Linux kernel 2.6.26.1 Linux kernel 2.6.26-rc5-git1 Linux kernel 2.6.25.4 Linux kernel 2.6.25.3 Linux kernel 2.6.25.2 Linux kernel 2.6.25.1 Linux kernel 2.6.24.6 Linux kernel 2.6.24-rc2 Linux kernel 2.6.24-rc1 Linux kernel 2.6.23.14 Linux kernel 2.6.23.10 Linux kernel 2.6.23.1 Linux kernel 2.6.23.09 Linux kernel 2.6.22-rc7 Linux kernel 2.6.22-rc1 Linux kernel 2.6.21-RC6 Linux kernel 2.6.21-RC5 Linux kernel 2.6.21-RC4 Linux kernel 2.6.21-RC3 Linux kernel 2.6.21-RC3 Linux kernel 2.6.20.3 Linux kernel 2.6.20.2 Linux kernel 2.6.20.13 Linux kernel 2.6.20.11 Linux kernel 2.6.20.1 Linux kernel 2.6.20-rc2 Linux kernel 2.6.20-2 Linux kernel 2.6.18-8.1.8.el5 Linux kernel 2.6.18-53 Linux kernel 2.6.18 Linux kernel 2.6.15.5 Linux kernel 2.6.15.11 Linux kernel 2.6.15-27.48 可参考如下安全公告获得补丁信息: <a href=https://bugzilla.redhat.com/show_bug.cgi?id=466707 target=_blank>https://bugzilla.redhat.com/show_bug.cgi?id=466707</a>
idSSV:4350
last seen2017-11-19
modified2008-10-28
published2008-10-28
reporterRoot
titleLinux Kernel 'do_splice_from()'本地安全绕过漏洞