Test ID:	1.3.6.1.4.1.25623.1.0.53892
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2003-168-01)
Summary:	The remote host is missing an update for the 'kernels' package(s) announced via the SSA:2003-168-01 advisory.
Description:	Summary: The remote host is missing an update for the 'kernels' package(s) announced via the SSA:2003-168-01 advisory. Vulnerability Insight: Precompiled Linux 2.4.21 kernels and source packages are now available for Slackware 9.0 and -current. These provide an improved version of the ptrace fix that had been applied to 2.4.20 in Slackware 9.0 (for example, command line options now appear correctly when root does 'ps ax'), and fix a potential denial of service problem with netfilter. Here are the details from the Slackware 9.0 ChangeLog: +--------------------------+ Tue Jun 17 19:41:55 PDT 2003 New precompiled Linux 2.4.21 kernels and source packages are now available for Slackware 9.0. These fix a few problems with the ptrace patch used with the 2.4.20 kernel, and add a few extra drivers (like Silicon Image Serial-ATA support). The new kernel also fixes a number of security issues, such as a routing cache problem in 2.4.20 and earlier can allow an attacker to cause hash collisions in the prerouting chain that consume CPU resources resulting in a denial-of-service (CAN-2003-0244). patches/packages/kernel-headers-2.4.21-i386-1.tgz: Upgraded to Linux 2.4.21 kernel headers. patches/packages/kernel-ide-2.4.21-i486-1.tgz: Upgraded to Linux 2.4.21. patches/packages/kernel-modules-2.4.21-i486-1.tgz: Upgraded kernel modules to Linux 2.4.21. patches/packages/kernel-modules-2.4.21_xfs-i486-1.tgz: Upgraded the XFS-patched kernel modules package to Linux 2.4.21-xfs. These are needed for the xfs.i kernel. patches/packages/kernel-source-2.4.21-noarch-1.tgz: Upgraded to Linux 2.4.21 source. patches/kernels/*: Upgraded to Linux 2.4.21. (* Security fix *) +--------------------------+ Affected Software/OS: 'kernels' package(s) on Slackware 9.0. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0244 BugTraq ID: 7601 http://www.securityfocus.com/bid/7601 Bugtraq: 20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01) (Google Search) http://marc.info/?l=bugtraq&m=105595901923063&w=2 Debian Security Information: DSA-311 (Google Search) http://www.debian.org/security/2003/dsa-311 Debian Security Information: DSA-312 (Google Search) http://www.debian.org/security/2003/dsa-312 Debian Security Information: DSA-332 (Google Search) http://www.debian.org/security/2003/dsa-332 Debian Security Information: DSA-336 (Google Search) http://www.debian.org/security/2003/dsa-336 Debian Security Information: DSA-442 (Google Search) http://www.debian.org/security/2004/dsa-442 En Garde Linux Advisory: ESA-20030515-017 http://marc.info/?l=bugtraq&m=105301461726555&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2003:066 http://www.mandriva.com/security/advisories?name=MDKSA-2003:074 http://marc.info/?l=linux-kernel&m=104956079213417 http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A261 http://www.redhat.com/support/errata/RHSA-2003-145.html http://www.redhat.com/support/errata/RHSA-2003-147.html http://www.redhat.com/support/errata/RHSA-2003-172.html http://www.secunia.com/advisories/8786/ http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0073.html XForce ISS Database: data-algorithmic-complexity-dos(15382) https://exchange.xforce.ibmcloud.com/vulnerabilities/15382
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.