home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2003-110.nasl < prev    next >
Text File  |  2005-01-14  |  3KB  |  107 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2003:110
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14092);
  12.  script_version ("$Revision: 1.2 $");
  13.  script_cve_id("CAN-2003-0961");
  14.  
  15.  name["english"] = "MDKSA-2003:110: kernel";
  16.  
  17.  script_name(english:name["english"]);
  18.  
  19.  desc["english"] = "
  20. The remote host is missing the patch for the advisory MDKSA-2003:110 (kernel).
  21.  
  22.  
  23. A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous.
  24. A flaw in bounds checking in the do_brk() function can allow a local attacker to
  25. gain root privileges. This vulnerability is known to be exploitable; an exploit
  26. is in the wild at this time.
  27. The Mandrake Linux 9.2 kernels are not vulnerable to this problem as the fix for
  28. it is already present in kernel version 2.4.22-21mdk (provided in
  29. MDKA-2003:021).
  30. MandrakeSoft encourages all users to upgrade their systems immediately.
  31. To upgrade your kernel, please use the documentation available online:
  32. http://www.mandrakesecure.net/en/kernelupdate.php
  33.  
  34.  
  35. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:110
  36. Risk factor : High";
  37.  
  38.  
  39.  
  40.  script_description(english:desc["english"]);
  41.  
  42.  summary["english"] = "Check for the version of the kernel package";
  43.  script_summary(english:summary["english"]);
  44.  
  45.  script_category(ACT_GATHER_INFO);
  46.  
  47.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  48.  family["english"] = "Mandrake Local Security Checks";
  49.  script_family(english:family["english"]);
  50.  
  51.  script_dependencies("ssh_get_info.nasl");
  52.  script_require_keys("Host/Mandrake/rpm-list");
  53.  exit(0);
  54. }
  55.  
  56. include("rpm.inc");
  57. if ( rpm_check( reference:"kernel-2.4.19.36mdk-1-1mdk", release:"MDK9.0", yank:"mdk") )
  58. {
  59.  security_hole(0);
  60.  exit(0);
  61. }
  62. if ( rpm_check( reference:"kernel-enterprise-2.4.19.36mdk-1-1mdk", release:"MDK9.0", yank:"mdk") )
  63. {
  64.  security_hole(0);
  65.  exit(0);
  66. }
  67. if ( rpm_check( reference:"kernel-secure-2.4.19.36mdk-1-1mdk", release:"MDK9.0", yank:"mdk") )
  68. {
  69.  security_hole(0);
  70.  exit(0);
  71. }
  72. if ( rpm_check( reference:"kernel-smp-2.4.19.36mdk-1-1mdk", release:"MDK9.0", yank:"mdk") )
  73. {
  74.  security_hole(0);
  75.  exit(0);
  76. }
  77. if ( rpm_check( reference:"kernel-source-2.4.19-36mdk", release:"MDK9.0", yank:"mdk") )
  78. {
  79.  security_hole(0);
  80.  exit(0);
  81. }
  82. if ( rpm_check( reference:"kernel-2.4.21.0.26mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  83. {
  84.  security_hole(0);
  85.  exit(0);
  86. }
  87. if ( rpm_check( reference:"kernel-secure-2.4.21.0.26mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  88. {
  89.  security_hole(0);
  90.  exit(0);
  91. }
  92. if ( rpm_check( reference:"kernel-smp-2.4.21.0.26mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  93. {
  94.  security_hole(0);
  95.  exit(0);
  96. }
  97. if ( rpm_check( reference:"kernel-source-2.4.21-0.26mdk", release:"MDK9.1", yank:"mdk") )
  98. {
  99.  security_hole(0);
  100.  exit(0);
  101. }
  102. if (rpm_exists(rpm:"kernel-", release:"MDK9.0")
  103.  || rpm_exists(rpm:"kernel-", release:"MDK9.1") )
  104. {
  105.  set_kb_item(name:"CAN-2003-0961", value:TRUE);
  106. }
  107.