 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.53937 |
| Category: | Slackware Local Security Checks |
| Title: | Slackware: Security Advisory (SSA:2004-119-01) |
| Summary: | The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2004-119-01 advisory. |
| Description: | Summary: The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2004-119-01 advisory. Vulnerability Insight: New kernel packages are available for Slackware 9.1 and -current to fix security issues. Also available are new kernel modules packages (including alsa-driver), and a new version of the hotplug package for Slackware 9.1 containing some fixes for using 2.4.26 (and 2.6.x) kernel modules. The most serious of the fixed issues is an overflow in ip_setsockopt(), which could allow a local attacker to gain root access, or to crash or reboot the machine. This bug affects 2.4 kernels from 2.4.22 - 2.4.25. Any sites running one of those kernel versions should upgrade right away. After installing the new kernel, be sure to run 'lilo'. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Apr 28 10:19:51 PDT 2004 patches/packages/kernel-ide-2.4.26-i486-2.tgz: The first version of this package included one of the old 2.4.22 kernels by mistake. Thanks to the many people who pointed out this error. Sorry! (* Security fix *) +--------------------------+ Tue Apr 27 15:25:29 PDT 2004 patches/packages/alsa-driver-0.9.8-i486-3.tgz: Recompiled for Linux 2.4.26. patches/packages/hotplug-2004_01_05-noarch-1.tgz: This adds bugfixes for using a 2.6.x kernel, and adds the broken via-ircc module to the hotplug blacklist. Note that upgrading the package will not replace an existing blacklist, but as far as I can tell there are no ill effects from trying to load via-ircc other than the ugly mess on the screen at boot time. patches/packages/kernel-ide-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-headers-2.4.26-i386-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-modules-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-source-2.4.26-noarch-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernels/*: Upgraded to Linux 2.4.26. These 2.4.26 kernel upgrades fix: an overflow in ip_setsockopt() [CAN-2004-0424] a flaw in do_fork() that could lead to a DoS an (unexploitable) overflow in panic() [CAN-2004-0394] For more details, see: [links moved to references] (* Security fix *) Affected Software/OS: 'kernel' package(s) on Slackware 9.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0394 BugTraq ID: 10233 http://www.securityfocus.com/bid/10233 Conectiva Linux advisory: CLA-2004:846 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000846 Debian Security Information: DSA-1067 (Google Search) http://www.debian.org/security/2006/dsa-1067 Debian Security Information: DSA-1069 (Google Search) http://www.debian.org/security/2006/dsa-1069 Debian Security Information: DSA-1070 (Google Search) http://www.debian.org/security/2006/dsa-1070 Debian Security Information: DSA-1082 (Google Search) http://www.debian.org/security/2006/dsa-1082 En Garde Linux Advisory: ESA-20040428-004 http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:037 http://lwn.net/Articles/81773/ http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 SGI Security Advisory: 20040504-01-U ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc SGI Security Advisory: 20040505-01-U ftp://patches.sgi.com/support/free/security/advisories/20040505-01-U.asc SuSE Security Announcement: SuSE-SA:2004:010 (Google Search) http://www.novell.com/linux/security/advisories/2004_10_kernel.html XForce ISS Database: linux-panic-bo(15953) https://exchange.xforce.ibmcloud.com/vulnerabilities/15953 Common Vulnerability Exposure (CVE) ID: CVE-2004-0424 BugTraq ID: 10179 http://www.securityfocus.com/bid/10179 Bugtraq: 20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow (Google Search) http://marc.info/?l=bugtraq&m=108253171301153&w=2 Conectiva Linux advisory: CLA-2004:852 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000852 http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939 http://www.redhat.com/support/errata/RHSA-2004-183.html http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.659586 XForce ISS Database: linux-ipsetsockopt-integer-bo(15907) https://exchange.xforce.ibmcloud.com/vulnerabilities/15907 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |