Test ID:	1.3.6.1.4.1.25623.1.1.12.2005.103.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-103-1)
Summary:	The remote host is missing an update for the 'linux-source-2.6.8.1' package(s) announced via the USN-103-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-source-2.6.8.1' package(s) announced via the USN-103-1 advisory. Vulnerability Insight: Mathieu Lafon discovered an information leak in the ext2 file system driver. When a new directory was created, the ext2 block written to disk was not initialized, so that previous memory contents (which could contain sensitive data like passwords) became visible on the raw device. This is particularly important if the target device is removable and thus can be read by users other than root. (CAN-2005-0400) Yichen Xie discovered a Denial of Service vulnerability in the ELF loader. A specially crafted ELF library or executable could cause an attempt to free an invalid pointer, which lead to a kernel crash. (CAN-2005-0749) Ilja van Sprundel discovered that the bluez_sock_create() function did not check its 'protocol' argument for negative values. A local attacker could exploit this to execute arbitrary code with root privileges by creating a Bluetooth socket with a specially crafted protocol number. (CAN-2005-0750) Michal Zalewski discovered that the iso9660 file system driver fails to check ranges properly in several cases. Mounting a specially crafted CD-ROM may have caused a buffer overflow leading to a kernel crash or even arbitrary code execution. (CAN-2005-0815) Previous kernels did not restrict the use of the N_MOUSE line discipline in the serial driver. This allowed an unprivileged user to inject mouse movement and/or keystrokes (using the sunkbd driver) into the input subsystem, taking over the console or an X session, where another user is logged in. (CAN-2005-0839) A Denial of Service vulnerability was found in the tmpfs driver, which is commonly used to mount RAM disks below /dev/shm and /tmp. The shm_nopage() did not properly verify its address argument, which could be exploited by a local user to cause a kernel crash with invalid addresses. ([link moved to references]) Affected Software/OS: 'linux-source-2.6.8.1' package(s) on Ubuntu 4.10. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0400 12932 http://www.securityfocus.com/bid/12932 14713 http://secunia.com/advisories/14713/ 17002 http://secunia.com/advisories/17002 18684 http://secunia.com/advisories/18684 20050401 Information leak in the Linux kernel ext2 implementation http://marc.info/?l=bugtraq&m=111238764720696&w=2 ADV-2005-1878 http://www.vupen.com/english/advisories/2005/1878 FLSA:152532 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152532 RHSA-2005:366 http://www.redhat.com/support/errata/RHSA-2005-366.html RHSA-2005:663 http://www.redhat.com/support/errata/RHSA-2005-663.html RHSA-2006:0190 http://www.redhat.com/support/errata/RHSA-2006-0190.html RHSA-2006:0191 http://www.redhat.com/support/errata/RHSA-2006-0191.html USN-103-1 https://usn.ubuntu.com/103-1/ http://arkoon.net/advisories/ext2-make-empty-leak.txt http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11.6 kernel-ext2-information-disclosure(19866) https://exchange.xforce.ibmcloud.com/vulnerabilities/19866 oval:org.mitre.oval:def:10336 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10336 Common Vulnerability Exposure (CVE) ID: CVE-2005-0749 12935 http://www.securityfocus.com/bid/12935 19607 http://secunia.com/advisories/19607 20060402-01-U ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U RHSA-2005:293 http://www.redhat.com/support/errata/RHSA-2005-293.html RHSA-2005:529 http://www.redhat.com/support/errata/RHSA-2005-529.html RHSA-2005:551 http://www.redhat.com/support/errata/RHSA-2005-551.html kernel-loadelflibrary-dos(19867) https://exchange.xforce.ibmcloud.com/vulnerabilities/19867 oval:org.mitre.oval:def:10640 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10640 Common Vulnerability Exposure (CVE) ID: CVE-2005-0750 12911 http://www.securityfocus.com/bid/12911 20050327 local root security bug in linux >= 2.4.6 <= 2.4.30-rc1 and 2.6.x.y <= 2.6.11.5 http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html http://marc.info/?l=bugtraq&m=111204562102633&w=2 RHSA-2005:283 http://www.redhat.com/support/errata/RHSA-2005-283.html RHSA-2005:284 http://www.redhat.com/support/errata/RHSA-2005-284.html kernel-bluezsockcreate-integer-underflow(19844) https://exchange.xforce.ibmcloud.com/vulnerabilities/19844 oval:org.mitre.oval:def:11719 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11719 Common Vulnerability Exposure (CVE) ID: CVE-2005-0815 BugTraq ID: 12837 http://www.securityfocus.com/bid/12837 Bugtraq: 20050317 Linux ISO9660 handling flaws (Google Search) http://www.securityfocus.com/archive/1/393590 http://www.mandriva.com/security/advisories?name=MDKSA-2006:072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9307 XForce ISS Database: kernel-iso9660-filesystem(19741) https://exchange.xforce.ibmcloud.com/vulnerabilities/19741 Common Vulnerability Exposure (CVE) ID: CVE-2005-0839 FLSA:157459-3 http://www.securityfocus.com/archive/1/427980/100/0/threaded [linux-kernel] 20050301 Re: Breakage from patch: Only root should be able to set the N_MOUSE line discipline. http://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg64704.html http://linux.bkbits.net:8080/linux-2.6/cset%4041fa6464E1UuGu6zmketEYxm73KSyQ oval:org.mitre.oval:def:9460 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9460
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.