Vulnerabilities > CVE-2008-6107 - Resource Management Errors vulnerability in Linux Kernel

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
linux
CWE-399
nessus

Summary

The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks when the mremap MREMAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mremap calls, a related issue to CVE-2008-2137.

Vulnerable Configurations

Part Description Count
OS
Linux
843

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-751-1.NASL
    descriptionNFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. Ubuntu 8.10 was not affected. (CVE-2008-4307) Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. Ubuntu 8.10 was not affected. (CVE-2008-6107) In certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028) The kernel keyring did not free memory correctly. A local attacker could consume unlimited kernel memory, leading to a denial of service. (CVE-2009-0031) The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065) The eCryptfs filesystem did not correctly handle certain VFS return codes. A local attacker with write-access to an eCryptfs filesystem could cause a system crash, leading to a denial of service. (CVE-2009-0269) The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322) The page fault handler could consume stack memory. A local attacker could exploit this to crash the system or gain root privileges with a Kprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605) Network interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675) The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676) The ext4 filesystem did not correctly clear group descriptors when resizing. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-0745) The ext4 filesystem did not correctly validate certain fields. A local attacker could mount a malicious ext4 filesystem, causing a system crash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747, CVE-2009-0748) The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835) The shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859) The virtual consoles did not correctly handle certain UTF-8 sequences. A local attacker on the physical console could exploit this to cause a system crash, leading to a denial of service. (CVE-2009-1046). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id37337
    published2009-04-23
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37337
    titleUbuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-751-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(37337);
      script_version("1.19");
      script_cvs_date("Date: 2019/08/02 13:33:02");
    
      script_cve_id("CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0605", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046");
      script_bugtraq_id(33113, 33672, 33846, 33948, 33951, 34020);
      script_xref(name:"USN", value:"751-1");
    
      script_name(english:"Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "NFS did not correctly handle races between fcntl and interrupts. A
    local attacker on an NFS mount could consume unlimited kernel memory,
    leading to a denial of service. Ubuntu 8.10 was not affected.
    (CVE-2008-4307)
    
    Sparc syscalls did not correctly check mmap regions. A local attacker
    could cause a system panic, leading to a denial of service. Ubuntu
    8.10 was not affected. (CVE-2008-6107)
    
    In certain situations, cloned processes were able to send signals to
    parent processes, crossing privilege boundaries. A local attacker
    could send arbitrary signals to parent processes, leading to a denial
    of service. (CVE-2009-0028)
    
    The kernel keyring did not free memory correctly. A local attacker
    could consume unlimited kernel memory, leading to a denial of service.
    (CVE-2009-0031)
    
    The SCTP stack did not correctly validate FORWARD-TSN packets. A
    remote attacker could send specially crafted SCTP traffic causing a
    system crash, leading to a denial of service. (CVE-2009-0065)
    
    The eCryptfs filesystem did not correctly handle certain VFS return
    codes. A local attacker with write-access to an eCryptfs filesystem
    could cause a system crash, leading to a denial of service.
    (CVE-2009-0269)
    
    The Dell platform device did not correctly validate user parameters. A
    local attacker could perform specially crafted reads to crash the
    system, leading to a denial of service. (CVE-2009-0322)
    
    The page fault handler could consume stack memory. A local attacker
    could exploit this to crash the system or gain root privileges with a
    Kprobe registered. Only Ubuntu 8.10 was affected. (CVE-2009-0605)
    
    Network interfaces statistics for the SysKonnect FDDI driver did not
    check capabilities. A local user could reset statistics, potentially
    interfering with packet accounting systems. (CVE-2009-0675)
    
    The getsockopt function did not correctly clear certain parameters. A
    local attacker could read leaked kernel memory, leading to a loss of
    privacy. (CVE-2009-0676)
    
    The ext4 filesystem did not correctly clear group descriptors when
    resizing. A local attacker could exploit this to crash the system,
    leading to a denial of service. (CVE-2009-0745)
    
    The ext4 filesystem did not correctly validate certain fields. A local
    attacker could mount a malicious ext4 filesystem, causing a system
    crash, leading to a denial of service. (CVE-2009-0746, CVE-2009-0747,
    CVE-2009-0748)
    
    The syscall interface did not correctly validate parameters when
    crossing the 64-bit/32-bit boundary. A local attacker could bypass
    certain syscall restricts via crafted syscalls. (CVE-2009-0834,
    CVE-2009-0835)
    
    The shared memory subsystem did not correctly handle certain shmctl
    calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not
    vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859)
    
    The virtual consoles did not correctly handle certain UTF-8 sequences.
    A local attacker on the physical console could exploit this to cause a
    system crash, leading to a denial of service. (CVE-2009-1046).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/751-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20, 119, 189, 264, 362, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.22");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.24");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.27");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-openvz");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-rt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ume");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-cell");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ume");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-debug-2.6-virtual");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.22");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.24");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.27");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:7.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/01/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/06");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("ksplice.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! ereg(pattern:"^(7\.10|8\.04|8\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 7.10 / 8.04 / 8.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0031", "CVE-2009-0065", "CVE-2009-0269", "CVE-2009-0322", "CVE-2009-0605", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0745", "CVE-2009-0746", "CVE-2009-0747", "CVE-2009-0748", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859", "CVE-2009-1046");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-751-1");
      }
      else
      {
        _ubuntu_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    
    if (ubuntu_check(osver:"7.10", pkgname:"linux-doc-2.6.22", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-386", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-generic", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-rt", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-server", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-ume", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-virtual", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-headers-2.6.22-16-xen", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-386", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-cell", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-generic", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-lpia", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-lpiacompat", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-rt", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-server", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-ume", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-virtual", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-2.6.22-16-xen", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-386", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-generic", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-server", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-image-debug-2.6.22-16-virtual", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-kernel-devel", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-libc-dev", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"7.10", pkgname:"linux-source-2.6.22", pkgver:"2.6.22-16.62")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-doc-2.6.24", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-386", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-generic", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-openvz", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-rt", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-server", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-virtual", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-headers-2.6.24-23-xen", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-386", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-generic", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-lpia", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-lpiacompat", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-openvz", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-rt", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-server", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-virtual", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-2.6.24-23-xen", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-386", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-generic", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-server", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-image-debug-2.6.24-23-virtual", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-kernel-devel", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-libc-dev", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.04", pkgname:"linux-source-2.6.24", pkgver:"2.6.24-23.52")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-doc-2.6.27", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-headers-2.6.27-11", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-headers-2.6.27-11-generic", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-headers-2.6.27-11-server", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-image-2.6.27-11-generic", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-image-2.6.27-11-server", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-image-2.6.27-11-virtual", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-libc-dev", pkgver:"2.6.27-11.31")) flag++;
    if (ubuntu_check(osver:"8.10", pkgname:"linux-source-2.6.27", pkgver:"2.6.27-11.31")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-doc-2.6.22 / linux-doc-2.6.24 / linux-doc-2.6.27 / etc");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-752-1.NASL
    descriptionNFS did not correctly handle races between fcntl and interrupts. A local attacker on an NFS mount could consume unlimited kernel memory, leading to a denial of service. (CVE-2008-4307) Sparc syscalls did not correctly check mmap regions. A local attacker could cause a system panic, leading to a denial of service. (CVE-2008-6107) In certain situations, cloned processes were able to send signals to parent processes, crossing privilege boundaries. A local attacker could send arbitrary signals to parent processes, leading to a denial of service. (CVE-2009-0028) The 64-bit syscall interfaces did not correctly handle sign extension. A local attacker could make malicious syscalls, possibly gaining root privileges. The x86_64 architecture was not affected. (CVE-2009-0029) The SCTP stack did not correctly validate FORWARD-TSN packets. A remote attacker could send specially crafted SCTP traffic causing a system crash, leading to a denial of service. (CVE-2009-0065) The Dell platform device did not correctly validate user parameters. A local attacker could perform specially crafted reads to crash the system, leading to a denial of service. (CVE-2009-0322) Network interfaces statistics for the SysKonnect FDDI driver did not check capabilities. A local user could reset statistics, potentially interfering with packet accounting systems. (CVE-2009-0675) The getsockopt function did not correctly clear certain parameters. A local attacker could read leaked kernel memory, leading to a loss of privacy. (CVE-2009-0676) The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls. (CVE-2009-0834, CVE-2009-0835) The shared memory subsystem did not correctly handle certain shmctl calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id36418
    published2009-04-23
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/36418
    titleUbuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-752-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(36418);
      script_version("1.18");
      script_cvs_date("Date: 2019/08/02 13:33:02");
    
      script_cve_id("CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0065", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859");
      script_bugtraq_id(33113, 33846, 33948, 33951, 34020);
      script_xref(name:"USN", value:"752-1");
    
      script_name(english:"Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "NFS did not correctly handle races between fcntl and interrupts. A
    local attacker on an NFS mount could consume unlimited kernel memory,
    leading to a denial of service. (CVE-2008-4307)
    
    Sparc syscalls did not correctly check mmap regions. A local attacker
    could cause a system panic, leading to a denial of service.
    (CVE-2008-6107)
    
    In certain situations, cloned processes were able to send signals to
    parent processes, crossing privilege boundaries. A local attacker
    could send arbitrary signals to parent processes, leading to a denial
    of service. (CVE-2009-0028)
    
    The 64-bit syscall interfaces did not correctly handle sign extension.
    A local attacker could make malicious syscalls, possibly gaining root
    privileges. The x86_64 architecture was not affected. (CVE-2009-0029)
    
    The SCTP stack did not correctly validate FORWARD-TSN packets. A
    remote attacker could send specially crafted SCTP traffic causing a
    system crash, leading to a denial of service. (CVE-2009-0065)
    
    The Dell platform device did not correctly validate user parameters. A
    local attacker could perform specially crafted reads to crash the
    system, leading to a denial of service. (CVE-2009-0322)
    
    Network interfaces statistics for the SysKonnect FDDI driver did not
    check capabilities. A local user could reset statistics, potentially
    interfering with packet accounting systems. (CVE-2009-0675)
    
    The getsockopt function did not correctly clear certain parameters. A
    local attacker could read leaked kernel memory, leading to a loss of
    privacy. (CVE-2009-0676)
    
    The syscall interface did not correctly validate parameters when
    crossing the 64-bit/32-bit boundary. A local attacker could bypass
    certain syscall restricts via crafted syscalls. (CVE-2009-0834,
    CVE-2009-0835)
    
    The shared memory subsystem did not correctly handle certain shmctl
    calls when CONFIG_SHMEM was disabled. Ubuntu kernels were not
    vulnerable, since CONFIG_SHMEM is enabled by default. (CVE-2009-0859).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/752-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(20, 119, 189, 264, 362, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-firmware-2.6.15-54");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:avm-fritz-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fglrx-control");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fglrx-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-686-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-k8-smp");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-backports-modules-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc-2.6.15");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-2.6-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-386");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-686");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-k8");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-amd64-xeon");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-restricted-modules-common");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-server");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.15");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-glx-legacy-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:nvidia-legacy-kernel-source");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:xorg-driver-fglrx-dev");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/01/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/04/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/04/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("ksplice.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! ereg(pattern:"^(6\.06)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2008-4307", "CVE-2008-6107", "CVE-2009-0028", "CVE-2009-0029", "CVE-2009-0065", "CVE-2009-0322", "CVE-2009-0675", "CVE-2009-0676", "CVE-2009-0834", "CVE-2009-0835", "CVE-2009-0859");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-752-1");
      }
      else
      {
        _ubuntu_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    
    if (ubuntu_check(osver:"6.06", pkgname:"avm-fritz-firmware", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"avm-fritz-firmware-2.6.15-54", pkgver:"3.11+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"avm-fritz-kernel-source", pkgver:"3.11+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"fglrx-control", pkgver:"8.25.18+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"fglrx-kernel-source", pkgver:"8.25.18+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-386", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-686", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-686-smp", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-generic", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-k8", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-k8-smp", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-amd64-xeon", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-2.6.15-54-386", pkgver:"2.6.15-54.12")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-2.6.15-54-686", pkgver:"2.6.15-54.12")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-2.6.15-54-amd64-generic", pkgver:"2.6.15-54.12")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-2.6.15-54-amd64-k8", pkgver:"2.6.15-54.12")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-2.6.15-54-amd64-server", pkgver:"2.6.15-54.12")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-2.6.15-54-amd64-xeon", pkgver:"2.6.15-54.12")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-2.6.15-54-server", pkgver:"2.6.15-54.12")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-386", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-686", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-amd64-generic", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-amd64-k8", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-amd64-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-amd64-xeon", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-backports-modules-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-doc", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-doc-2.6.15", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54-386", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54-686", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54-amd64-generic", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54-amd64-k8", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54-amd64-server", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54-amd64-xeon", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-2.6.15-54-server", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-386", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-686", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-generic", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-k8", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-amd64-xeon", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-headers-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-54-386", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-54-686", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-54-amd64-generic", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-54-amd64-k8", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-54-amd64-server", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-54-amd64-xeon", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-2.6.15-54-server", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-386", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-686", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-generic", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-k8", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-amd64-xeon", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-image-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-kernel-devel", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-54-386", pkgver:"2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-54-686", pkgver:"2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-54-amd64-generic", pkgver:"2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-54-amd64-k8", pkgver:"2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-2.6.15-54-amd64-xeon", pkgver:"2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-386", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-686", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-amd64-generic", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-amd64-k8", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-amd64-xeon", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-restricted-modules-common", pkgver:"2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-server", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-source", pkgver:"2.6.15.55")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"linux-source-2.6.15", pkgver:"2.6.15-54.76")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx", pkgver:"1.0.8776+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx-dev", pkgver:"1.0.8776+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx-legacy", pkgver:"1.0.7174+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-glx-legacy-dev", pkgver:"1.0.7174+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-kernel-source", pkgver:"1.0.8776+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"nvidia-legacy-kernel-source", pkgver:"1.0.7174+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"xorg-driver-fglrx", pkgver:"7.0.0-8.25.18+2.6.15.12-54.5")) flag++;
    if (ubuntu_check(osver:"6.06", pkgname:"xorg-driver-fglrx-dev", pkgver:"7.0.0-8.25.18+2.6.15.12-54.5")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "avm-fritz-firmware / avm-fritz-firmware-2.6.15-54 / etc");
    }
    

Statements

contributorMark J Cox
lastmodified2009-02-12
organizationRed Hat
statementNot vulnerable. Red Hat Enterprise Linux 2.1, 3, 4, and 5 do not ship for the SPARC architecture.