home *** CD-ROM | disk | FTP | other *** search
/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / mandrake_MDKSA-2004-062.nasl < prev    next >
Text File  |  2005-01-14  |  4KB  |  158 lines
  1. #
  2. # (C) Tenable Network Security
  3. #
  4. # This plugin text was extracted from Mandrake Linux Security Advisory MDKSA-2004:062
  5. #
  6.  
  7.  
  8. if ( ! defined_func("bn_random") ) exit(0);
  9. if(description)
  10. {
  11.  script_id(14161);
  12.  script_bugtraq_id(10352);
  13.  script_version ("$Revision: 1.3 $");
  14.  script_cve_id("CAN-2004-0535", "CAN-2004-0554");
  15.  
  16.  name["english"] = "MDKSA-2004:062: kernel";
  17.  
  18.  script_name(english:name["english"]);
  19.  
  20.  desc["english"] = "
  21. The remote host is missing the patch for the advisory MDKSA-2004:062 (kernel).
  22.  
  23.  
  24. A vulnerability in the e1000 driver for the Linux kernel 2.4.26 and earlier was
  25. discovered by Chris Wright. The e1000 driver does not properly reset memory or
  26. restrict the maximum length of a data structure, which can allow a local user to
  27. read portions of kernel memory (CAN-2004-0535).
  28. A vulnerability was also discovered in the kernel were a certain C program would
  29. trigger a floating point exception that would crash the kernel. This
  30. vulnerability can only be triggered locally by users with shell access
  31. (CAN-2004-0554).
  32.  
  33.  
  34. Solution : http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:062
  35. Risk factor : High";
  36.  
  37.  
  38.  
  39.  script_description(english:desc["english"]);
  40.  
  41.  summary["english"] = "Check for the version of the kernel package";
  42.  script_summary(english:summary["english"]);
  43.  
  44.  script_category(ACT_GATHER_INFO);
  45.  
  46.  script_copyright(english:"This script is Copyright (C) 2004 Tenable Network Security");
  47.  family["english"] = "Mandrake Local Security Checks";
  48.  script_family(english:family["english"]);
  49.  
  50.  script_dependencies("ssh_get_info.nasl");
  51.  script_require_keys("Host/Mandrake/rpm-list");
  52.  exit(0);
  53. }
  54.  
  55. include("rpm.inc");
  56. if ( rpm_check( reference:"kernel-2.4.25.6mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  57. {
  58.  security_hole(0);
  59.  exit(0);
  60. }
  61. if ( rpm_check( reference:"kernel-2.6.3.14mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  62. {
  63.  security_hole(0);
  64.  exit(0);
  65. }
  66. if ( rpm_check( reference:"kernel-enterprise-2.4.25.6mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  67. {
  68.  security_hole(0);
  69.  exit(0);
  70. }
  71. if ( rpm_check( reference:"kernel-enterprise-2.6.3.14mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  72. {
  73.  security_hole(0);
  74.  exit(0);
  75. }
  76. if ( rpm_check( reference:"kernel-secure-2.6.3.14mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  77. {
  78.  security_hole(0);
  79.  exit(0);
  80. }
  81. if ( rpm_check( reference:"kernel-smp-2.4.25.6mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  82. {
  83.  security_hole(0);
  84.  exit(0);
  85. }
  86. if ( rpm_check( reference:"kernel-smp-2.6.3.14mdk-1-1mdk", release:"MDK10.0", yank:"mdk") )
  87. {
  88.  security_hole(0);
  89.  exit(0);
  90. }
  91. if ( rpm_check( reference:"kernel-source-2.4.25-6mdk", release:"MDK10.0", yank:"mdk") )
  92. {
  93.  security_hole(0);
  94.  exit(0);
  95. }
  96. if ( rpm_check( reference:"kernel-source-2.6.3-14mdk", release:"MDK10.0", yank:"mdk") )
  97. {
  98.  security_hole(0);
  99.  exit(0);
  100. }
  101. if ( rpm_check( reference:"kernel-source-stripped-2.6.3-14mdk", release:"MDK10.0", yank:"mdk") )
  102. {
  103.  security_hole(0);
  104.  exit(0);
  105. }
  106. if ( rpm_check( reference:"kernel-2.4.21.0.31mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  107. {
  108.  security_hole(0);
  109.  exit(0);
  110. }
  111. if ( rpm_check( reference:"kernel-secure-2.4.21.0.31mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  112. {
  113.  security_hole(0);
  114.  exit(0);
  115. }
  116. if ( rpm_check( reference:"kernel-smp-2.4.21.0.31mdk-1-1mdk", release:"MDK9.1", yank:"mdk") )
  117. {
  118.  security_hole(0);
  119.  exit(0);
  120. }
  121. if ( rpm_check( reference:"kernel-source-2.4.21-0.31mdk", release:"MDK9.1", yank:"mdk") )
  122. {
  123.  security_hole(0);
  124.  exit(0);
  125. }
  126. if ( rpm_check( reference:"kernel-2.4.22.35mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  127. {
  128.  security_hole(0);
  129.  exit(0);
  130. }
  131. if ( rpm_check( reference:"kernel-enterprise-2.4.22.35mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  132. {
  133.  security_hole(0);
  134.  exit(0);
  135. }
  136. if ( rpm_check( reference:"kernel-secure-2.4.22.35mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  137. {
  138.  security_hole(0);
  139.  exit(0);
  140. }
  141. if ( rpm_check( reference:"kernel-smp-2.4.22.35mdk-1-1mdk", release:"MDK9.2", yank:"mdk") )
  142. {
  143.  security_hole(0);
  144.  exit(0);
  145. }
  146. if ( rpm_check( reference:"kernel-source-2.4.22-35mdk", release:"MDK9.2", yank:"mdk") )
  147. {
  148.  security_hole(0);
  149.  exit(0);
  150. }
  151. if (rpm_exists(rpm:"kernel-", release:"MDK10.0")
  152.  || rpm_exists(rpm:"kernel-", release:"MDK9.1")
  153.  || rpm_exists(rpm:"kernel-", release:"MDK9.2") )
  154. {
  155.  set_kb_item(name:"CAN-2004-0535", value:TRUE);
  156.  set_kb_item(name:"CAN-2004-0554", value:TRUE);
  157. }
  158.