home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-029.nasl < prev    next >
Text File  |  2005-01-14  |  6KB  |  186 lines

  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:029
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14128);
  12.  script_bugtraq_id(10152, 9570);
  13.  script_version ("$Revision: 1.3 $");
  14.  script_cve_id("CAN-2004-0003", "CAN-2004-0109", "CAN-2004-0133", "CAN-2004-0177", "CAN-2004-0178", "CAN-2004-0181");
  15.  
  16.  name["english"] = "MDKSA-2004:029: kernel";
  17.  
  18.  script_name(english:name["english"]);
  19.  
  20.  desc["english"] = "
  21. The remote host is missing the patch for the advisory MDKSA-2004:029 (kernel).
  22.  
  23.  
  24. A vulnerability was found in the R128 DRI driver by Alan Cox. This could allow
  25. local privilege escalation. The previous fix, in MDKSA-2004:015 only partially
  26. corrected the problem; the full fix is included (CAN-2004-0003).
  27. A local root vulnerability was discovered in the isofs component of the Linux
  28. kernel by iDefense. This vulnerability can be triggered by performing a
  29. directory listing on a maliciously constructed ISO filesystem, or attempting to
  30. access a file via a malformed symlink on such a filesystem (CAN-2004-0109).
  31. An information leak was discovered in the ext3 filesystem code by Solar
  32. Designer. It was discovered that when creating or writing to an ext3 filesystem,
  33. some amount of other in-memory data gets written to the device. The data is not
  34. the file's contents, not something on the same filesystem, or even anything that
  35. was previously in a file at all. To obtain this data, a user needs to read the
  36. raw device (CAN-2004-0177).
  37. The same vulnerability was also found in the XFS filesystem code (CAN-2004-0133)
  38. and the JFS filesystem code (CAN-2004-0181).
  39. Finally, a vulnerability in the OSS code for SoundBlaster 16 devices was
  40. discovered by Andreas Kies. It is possible for local users with access to the
  41. sound system to crash the machine (CAN-2004-0178).
  42. The provided packages are patched to fix these vulnerabilities. All users are
  43. encouraged to upgrade to these updated kernels.
  44. To update your kernel, please follow the directions located at:
  45. http://www.mandrakesecure.net/en/kernelupdate.php
  46.  
  47.  
  48. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:029
  49. Risk factor : High";
  50.  
  51.  
  52.  
  53.  script_description(english:desc["english"]);
  54.  
  55.  summary["english"] = "Check for the version of the kernel package";
  56.  script_summary(english:summary["english"]);
  57.  
  58.  script_category(ACT_GATHER_INFO);
  59.  
  60.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  61.  family["english"] = "Mandrake Local Security Checks";
  62.  script_family(english:family["english"]);
  63.  
  64.  script_dependencies("ssh_get_info.nasl");
  65.  script_require_keys("Host/Mandrake/rpm-list");
  66.  exit(0);
  67. }
  68.  
  69. include("rpm.inc");
  70. if ( rpm_check( reference:"kernel-2.4.25.3mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  71. {
  72.  security_hole(0);
  73.  exit(0);
  74. }
  75. if ( rpm_check( reference:"kernel-2.6.3.8mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  76. {
  77.  security_hole(0);
  78.  exit(0);
  79. }
  80. if ( rpm_check( reference:"kernel-enterprise-2.4.25.3mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  81. {
  82.  security_hole(0);
  83.  exit(0);
  84. }
  85. if ( rpm_check( reference:"kernel-enterprise-2.6.3.8mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  86. {
  87.  security_hole(0);
  88.  exit(0);
  89. }
  90. if ( rpm_check( reference:"kernel-i686-up-4GB-2.6.3.8mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  91. {
  92.  security_hole(0);
  93.  exit(0);
  94. }
  95. if ( rpm_check( reference:"kernel-p3-smp-64GB-2.6.3.8mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  96. {
  97.  security_hole(0);
  98.  exit(0);
  99. }
  100. if ( rpm_check( reference:"kernel-secure-2.6.3.8mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  101. {
  102.  security_hole(0);
  103.  exit(0);
  104. }
  105. if ( rpm_check( reference:"kernel-smp-2.4.25.3mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  106. {
  107.  security_hole(0);
  108.  exit(0);
  109. }
  110. if ( rpm_check( reference:"kernel-smp-2.6.3.8mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  111. {
  112.  security_hole(0);
  113.  exit(0);
  114. }
  115. if ( rpm_check( reference:"kernel-source-2.4.25-3mdk", release:"MDK10.0", yank:"mdk") )
  116. {
  117.  security_hole(0);
  118.  exit(0);
  119. }
  120. if ( rpm_check( reference:"kernel-source-2.6.3-8mdk", release:"MDK10.0", yank:"mdk") )
  121. {
  122.  security_hole(0);
  123.  exit(0);
  124. }
  125. if ( rpm_check( reference:"kernel-source-stripped-2.6.3-8mdk", release:"MDK10.0", yank:"mdk") )
  126. {
  127.  security_hole(0);
  128.  exit(0);
  129. }
  130. if ( rpm_check( reference:"kernel-2.4.21.0.29mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  131. {
  132.  security_hole(0);
  133.  exit(0);
  134. }
  135. if ( rpm_check( reference:"kernel-secure-2.4.21.0.29mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  136. {
  137.  security_hole(0);
  138.  exit(0);
  139. }
  140. if ( rpm_check( reference:"kernel-smp-2.4.21.0.29mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  141. {
  142.  security_hole(0);
  143.  exit(0);
  144. }
  145. if ( rpm_check( reference:"kernel-source-2.4.21-0.29mdk", release:"MDK9.1", yank:"mdk") )
  146. {
  147.  security_hole(0);
  148.  exit(0);
  149. }
  150. if ( rpm_check( reference:"kernel-2.4.22.29mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  151. {
  152.  security_hole(0);
  153.  exit(0);
  154. }
  155. if ( rpm_check( reference:"kernel-enterprise-2.4.22.29mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  156. {
  157.  security_hole(0);
  158.  exit(0);
  159. }
  160. if ( rpm_check( reference:"kernel-secure-2.4.22.29mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  161. {
  162.  security_hole(0);
  163.  exit(0);
  164. }
  165. if ( rpm_check( reference:"kernel-smp-2.4.22.29mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  166. {
  167.  security_hole(0);
  168.  exit(0);
  169. }
  170. if ( rpm_check( reference:"kernel-source-2.4.22-29mdk", release:"MDK9.2", yank:"mdk") )
  171. {
  172.  security_hole(0);
  173.  exit(0);
  174. }
  175. if (rpm_exists(rpm:"kernel-", release:"MDK10.0")
  176.  || rpm_exists(rpm:"kernel-", release:"MDK9.1")
  177.  || rpm_exists(rpm:"kernel-", release:"MDK9.2") )
  178. {
  179.  set_kb_item(name:"CAN-2004-0003", value:TRUE);
  180.  set_kb_item(name:"CAN-2004-0109", value:TRUE);
  181.  set_kb_item(name:"CAN-2004-0133", value:TRUE);
  182.  set_kb_item(name:"CAN-2004-0177", value:TRUE);
  183.  set_kb_item(name:"CAN-2004-0178", value:TRUE);
  184.  set_kb_item(name:"CAN-2004-0181", value:TRUE);
  185. }
  186.