📄 deb_1183_1.nasl

📁 漏洞扫描源码,可以扫描linux,windows,交换机路由器
💻 NASL
📖 第 1 页 / 共 2 页
字号:
12 下一页
# OpenVAS Vulnerability Test# $Id$# Description: Auto-generated from advisory DSA 1183-1## Authors:# Thomas Reinke <reinke@securityspace.com>## Copyright:# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com# Text descriptions are largerly excerpted from the referenced# advisory, and are Copyright (c) the respective author(s)## This program is free software; you can redistribute it and/or modify# it under the terms of the GNU General Public License version 2,# as published by the Free Software Foundation## This program is distributed in the hope that it will be useful,# but WITHOUT ANY WARRANTY; without even the implied warranty of# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the# GNU General Public License for more details.## You should have received a copy of the GNU General Public License# along with this program; if not, write to the Free Software# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.#if(description){ script_id(57407); script_cve_id("CVE-2005-4798", "CVE-2006-2935", "CVE-2006-1528", "CVE-2006-2444", "CVE-2006-2446", "CVE-2006-3745", "CVE-2006-4535"); script_bugtraq_id(18081,18101,18847,19666,20087); script_version ("$"); name["english"] = "Debian Security Advisory DSA 1183-1 (kernel-source-2.4.27)"; script_name(english:name["english"]); desc["english"] = "The remote host is missing an update to kernel-source-2.4.27announced via advisory DSA 1183-1.Several security related problems have been discovered in the Linuxkernel which may lead to a denial of service or even the execution ofarbitrary code.  The Common Vulnerabilities and Exposures projectidentifies the following problems:CVE-2005-4798A buffer overflow in NFS readlink handling allows a maliciousremote server to cause a denial of service.CVE-2006-2935Diego Calleja Garcia discovered a buffer overflow in the DVDhandling code that could be exploited by a specially crafted DVDor USB storage device to execute arbitrary code.CVE-2006-1528A bug in the SCSI driver allows a local user to cause a denial ofservice.CVE-2006-2444Patrick McHardy discovered a bug in the SNMP NAT helper thatallows remote attackers to cause a denial of service.CVE-2006-2446A race condition in the socket buffer handling allows remoteattackers to cause a denial of service.CVE-2006-3745Wei Wang discovered a bug in the SCTP implementation that allowslocal users to cause a denial of service and possibly gain rootprivileges.CVE-2006-4535David Miller reported a problem with the fix for CVE-2006-3745that allows local users to crash the system using via an SCTPsocket with a certain SO_LINGER value.The following matrix explains which kernel version for whicharchitecture fixes the problem mentioned above:stable (sarge)Source                           2.4.27-10sarge4Alpha architecture               2.4.27-10sarge4ARM architecture                 2.4.27-2sarge4Intel IA-32 architecture         2.4.27-10sarge4Intel IA-64 architecture         2.4.27-10sarge4Motorola 680x0 architecture      2.4.27-3sarge4MIPS architectures               2.4.27-10.sarge4.040815-1PowerPC architecture             2.4.27-10sarge4IBM S/390                        2.4.27-2sarge4Sun Sparc architecture           2.4.27-9sarge4FAI                              1.9.1sarge4mindi-kernel                     2.4.27-2sarge3kernel-image-speakup-i386        2.4.27-1.1sarge3systemimager                     3.2.3-6sarge3For the unstable distribution (sid) these problems won't be fixedanymore in the 2.4 kernel series.We recommend that you upgrade your kernel package and reboot theSolution:https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201183-1Risk factor : High"; script_description(english:desc["english"]); summary["english"] = "Debian Security Advisory DSA 1183-1 (kernel-source-2.4.27)"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"Copyright (c) 2006 E-Soft Inc. http://www.securiytspace.com"); family["english"] = "Debian Local Security Checks"; script_family(english:family["english"]); script_dependencies("gather-package-list.nasl"); script_require_keys("ssh/login/packages"); exit(0);}## The script code starts here#include("revisions-lib.inc");include("pkg-lib-deb.inc");vuln = 0;if(isdpkgvuln(pkg:"kernel-doc-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-patch-debian-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-source-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-tree-2.4.27", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-patch-2.4.27-s390", ver:"2.4.27-2sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-doc-2.4.27-speakup", ver:"2.4.27-1.1sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"systemimager-boot-i386-standard", ver:"3.2.3-6sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"systemimager-boot-ia64-standard", ver:"3.2.3-6sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"systemimager-client", ver:"3.2.3-6sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"systemimager-common", ver:"3.2.3-6sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"systemimager-doc", ver:"3.2.3-6sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"systemimager-server-flamethrowerd", ver:"3.2.3-6sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"systemimager-server", ver:"3.2.3-6sarge3", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-build-2.4.27-2", ver:"2.4.27-9sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-build-2.4.27-3", ver:"2.4.27-9sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2", ver:"2.4.27-9sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-generic", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-smp", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3", ver:"2.4.27-9sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-generic", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-smp", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-generic", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-smp", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-3-generic", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-3-smp", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"mips-tools", ver:"2.4.27-10.sarge4.040815-1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-build-2.4.27", ver:"2.4.27-2sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27", ver:"2.4.27-10.sarge4.040815-1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-bast", ver:"2.4.27-2sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-lart", ver:"2.4.27-2sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-netwinder", ver:"2.4.27-2sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-riscpc", ver:"2.4.27-2sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-riscstation", ver:"2.4.27-2sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-386", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-586tsc", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-686", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-686-smp", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-k6", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-k7", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-2-k7-smp", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-386", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-586tsc", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-686", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-686-smp", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-k6", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-k7", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-headers-2.4.27-3-k7-smp", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-386", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-586tsc", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-686", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-686-smp", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-k6", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-k7", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-2-k7-smp", ver:"2.4.27-10sarge1", rls:"DEB3.1")) {    vuln = 1;}if(isdpkgvuln(pkg:"kernel-image-2.4.27-3-386", ver:"2.4.27-10sarge4", rls:"DEB3.1")) {    vuln = 1;
12 下一页
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -