Executive Summary

Summary
Title New Linux kernel 2.4.17 packages fix several vulnerabilities
Informations
Name DSA-1082 First vendor Publication 2006-05-29
Vendor Debian Last vendor Modification 2006-05-29
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2004-0427

A local denial of service vulnerability in do_fork() has been found.

CVE-2005-0489

A local denial of service vulnerability in proc memory handling has been found.

CVE-2004-0394

A buffer overflow in the panic handling code has been found.

CVE-2004-0447

A local denial of service vulnerability through a null pointer dereference in the IA64 process handling code has been found.

CVE-2004-0554

A local denial of service vulnerability through an infinite loop in the signal handler code has been found.

CVE-2004-0565

An information leak in the context switch code has been found on the IA64 architecture.

CVE-2004-0685

Unsafe use of copy_to_user in USB drivers may disclose sensitive information.

CVE-2005-0001

A race condition in the i386 page fault handler may allow privilege escalation.

CVE-2004-0883

Multiple vulnerabilities in the SMB filesystem code may allow denial of service of information disclosure.

CVE-2004-0949

An information leak discovered in the SMB filesystem code.

CVE-2004-1016

A local denial of service vulnerability has been found in the SCM layer.

CVE-2004-1333

An integer overflow in the terminal code may allow a local denial of service vulnerability.

CVE-2004-0997

A local privilege escalation in the MIPS assembly code has been found. CVE-2004-1335 A memory leak in the ip_options_get() function may lead to denial of service. CVE-2004-1017

Multiple overflows exist in the io_edgeport driver which might be usable as a denial of service attack vector. CVE-2005-0124

Bryan Fulton reported a bounds checking bug in the coda_pioctl function which may allow local users to execute arbitrary code or trigger a denial of service attack.

CVE-2005-0528

A local privilege escalation in the mremap function has been found

CVE-2003-0984

Inproper initialization of the RTC may disclose information.

CVE-2004-1070

Insufficient input sanitising in the load_elf_binary() function may lead to privilege escalation.

CVE-2004-1071

Incorrect error handling in the binfmt_elf loader may lead to privilege escalation.

CVE-2004-1072

A buffer overflow in the binfmt_elf loader may lead to privilege escalation or denial of service.

CVE-2004-1073

The open_exec function may disclose information.

CVE-2004-1074

The binfmt code is vulnerable to denial of service through malformed a.out binaries.

CVE-2004-0138

A denial of service vulnerability in the ELF loader has been found.

CVE-2004-1068

A programming error in the unix_dgram_recvmsg() function may lead to privilege escalation.

CVE-2004-1234

The ELF loader is vulnerable to denial of service through malformed binaries.

CVE-2005-0003

Crafted ELF binaries may lead to privilege escalation, due to insufficient checking of overlapping memory regions.

CVE-2004-1235

A race condition in the load_elf_library() and binfmt_aout() functions may allow privilege escalation.

CVE-2005-0504

An integer overflow in the Moxa driver may lead to privilege escalation.

CVE-2005-0384

A remote denial of service vulnerability has been found in the PPP driver.

CVE-2005-0135

An IA64 specific local denial of service vulnerability has been found in the unw_unwind_to_user() function.

The following matrix explains which kernel version for which architecture fix the problems mentioned above:

Debian 3.1 (sarge) Source 2.4.17-1woody4 HP Precision architecture 32.5 Intel IA-64 architecture 011226.18 IBM S/390 architecture/image 2.4.17-2.woody.5 IBM S/390 architecture/patch 0.0.20020816-0.woody.4 PowerPC architecture (apus) 2.4.17-6 MIPS architecture 2.4.17-0.020226.2.woody7

We recommend that you upgrade your kernel package immediately and reboot the machine.

Original Source

Url : http://www.debian.org/security/2006/dsa-1082

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory Leak')
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10123
 
Oval ID: oval:org.mitre.oval:def:10123
Title: The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.
Description: The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0138
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1013
 
Oval ID: oval:org.mitre.oval:def:1013
Title: Red Hat Enterprise 3 Kernel Real Time Clock Data Leakage
Description: Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0984
Version: 2
Platform(s): Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10189
 
Oval ID: oval:org.mitre.oval:def:10189
Title: The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
Description: The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0985
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10297
 
Oval ID: oval:org.mitre.oval:def:10297
Title: The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
Description: The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0427
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10322
 
Oval ID: oval:org.mitre.oval:def:10322
Title: Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Description: Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0001
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10330
 
Oval ID: oval:org.mitre.oval:def:10330
Title: Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
Description: Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0883
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10360
 
Oval ID: oval:org.mitre.oval:def:10360
Title: The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.
Description: The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0949
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10608
 
Oval ID: oval:org.mitre.oval:def:10608
Title: load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL.
Description: load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1234
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10665
 
Oval ID: oval:org.mitre.oval:def:10665
Title: Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
Description: Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0685
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10714
 
Oval ID: oval:org.mitre.oval:def:10714
Title: Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
Description: Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0565
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10918
 
Oval ID: oval:org.mitre.oval:def:10918
Title: Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS.
Description: Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0447
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11085
 
Oval ID: oval:org.mitre.oval:def:11085
Title: Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Description: Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1335
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11195
 
Oval ID: oval:org.mitre.oval:def:11195
Title: The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
Description: The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1072
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11384
 
Oval ID: oval:org.mitre.oval:def:11384
Title: A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.
Description: A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1068
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11503
 
Oval ID: oval:org.mitre.oval:def:11503
Title: The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
Description: The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1073
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11690
 
Oval ID: oval:org.mitre.oval:def:11690
Title: The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow.
Description: The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0124
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11816
 
Oval ID: oval:org.mitre.oval:def:11816
Title: The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.
Description: The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1016
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18892
 
Oval ID: oval:org.mitre.oval:def:18892
Title: DSA-1286-1 linux-2.6
Description: Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1286-1
CVE-2007-0005
CVE-2007-0958
CVE-2007-1357
CVE-2007-1592
CVE-2004-1073
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): linux-2.6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2819
 
Oval ID: oval:org.mitre.oval:def:2819
Title: Denial of Service Vulnerability in Linux Kernel do_fork Function via CLONE_VM
Description: The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local users to cause a denial of service (memory exhaustion) via the clone (CLONE_VM) system call.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0427
Version: 1
Platform(s): Red Hat Enterprise Linux 3
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:2915
 
Oval ID: oval:org.mitre.oval:def:2915
Title: Linux Kernel Denial of Service Vulnerability via fsave and frstor Instructions
Description: Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0554
Version: 1
Platform(s): Red Hat Enterprise Linux 3
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:859
 
Oval ID: oval:org.mitre.oval:def:859
Title: Red Hat Kernel Real Time Clock Data Leakage
Description: Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0984
Version: 2
Platform(s): Red Hat Linux 9
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:860
 
Oval ID: oval:org.mitre.oval:def:860
Title: Red Hat Linux Kernel do_mremap Denial of Service Vulnerability
Description: The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0985
Version: 2
Platform(s): Red Hat Linux 9
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:867
 
Oval ID: oval:org.mitre.oval:def:867
Title: Red Hat Enterprise 3 Linux Kernel do_mremap Denial of Service Vulnerability
Description: The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0985
Version: 2
Platform(s): Red Hat Enterprise Linux 3
Product(s): Linux kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9040
 
Oval ID: oval:org.mitre.oval:def:9040
Title: The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
Description: The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash).
Family: unix Class: vulnerability
Reference(s): CVE-2005-0135
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9406
 
Oval ID: oval:org.mitre.oval:def:9406
Title: Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
Description: Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
Family: unix Class: vulnerability
Reference(s): CVE-2003-0984
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9426
 
Oval ID: oval:org.mitre.oval:def:9426
Title: Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
Description: Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
Family: unix Class: vulnerability
Reference(s): CVE-2004-0554
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9450
 
Oval ID: oval:org.mitre.oval:def:9450
Title: The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
Description: The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1070
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9512
 
Oval ID: oval:org.mitre.oval:def:9512
Title: The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
Description: The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0003
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9562
 
Oval ID: oval:org.mitre.oval:def:9562
Title: Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
Description: Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0384
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9567
 
Oval ID: oval:org.mitre.oval:def:9567
Title: Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Description: Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1235
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9751
 
Oval ID: oval:org.mitre.oval:def:9751
Title: The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
Description: The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1074
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9770
 
Oval ID: oval:org.mitre.oval:def:9770
Title: Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
Description: Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
Family: unix Class: vulnerability
Reference(s): CVE-2005-0504
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9786
 
Oval ID: oval:org.mitre.oval:def:9786
Title: Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
Description: Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1017
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9917
 
Oval ID: oval:org.mitre.oval:def:9917
Title: The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
Description: The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
Family: unix Class: vulnerability
Reference(s): CVE-2004-1071
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Application 1
Application 1
Application 1
Application 2
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Hardware 1
Hardware 2
Hardware 2
Hardware 2
Hardware 2
Os 3
Os 3
Os 2
Os 873
Os 7
Os 3
Os 14
Os 2
Os 3
Os 4
Os 2
Os 12
Os 5
Os 1
Os 3

OpenVAS Exploits

Date Description
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5019053.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel core
File : nvt/sles9p5014380.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5011171.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5010817.nasl
2009-04-09 Name : Mandriva Update for kernel MDKSA-2007:078 (kernel)
File : nvt/gb_mandriva_MDKSA_2007_078.nasl
2009-04-09 Name : Mandriva Update for kernel MDKSA-2007:060 (kernel)
File : nvt/gb_mandriva_MDKSA_2007_060.nasl
2009-03-23 Name : Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-508-1
File : nvt/gb_ubuntu_USN_508_1.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0237-01
File : nvt/gb_RHSA-2008_0237-01_kernel.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200408-24 (Kernel)
File : nvt/glsa_200408_24.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200407-16 (Kernel)
File : nvt/glsa_200407_16.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200407-02 (Kernel)
File : nvt/glsa_200407_02.nasl
2008-01-17 Name : Debian Security Advisory DSA 475-1 (kernel-image-2.4.17-hppa)
File : nvt/deb_475_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1017-1 (kernel-source-2.6.8)
File : nvt/deb_1017_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 470-1 (kernel-image-2.4.17-hppa)
File : nvt/deb_470_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64)
File : nvt/deb_423_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16)
File : nvt/deb_1067_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-...
File : nvt/deb_1070_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17)
File : nvt/deb_1082_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1286-1 (linux-2.6)
File : nvt/deb_1286_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1304-1 (kernel-source-2.6.8)
File : nvt/deb_1304_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 413-1 (kernel-source-2.4.18, kernel-image-2.4.18...
File : nvt/deb_413_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 417-1 (kernel-patch-2.4.18-powerpc, kernel-image...
File : nvt/deb_417_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 417-2 (kernel-image-2.4.18-1-alpha)
File : nvt/deb_417_2.nasl
2008-01-17 Name : Debian Security Advisory DSA 450-1 (kernel-source-2.4.19, kernel-patch-2.4.19...
File : nvt/deb_450_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 427-1 (kernel-patch-2.4.17-mips)
File : nvt/deb_427_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 439-1 (kernel)
File : nvt/deb_439_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 440-1 (kernel-source-2.4.17, kernel-patch-2.4.17...
File : nvt/deb_440_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2....
File : nvt/deb_442_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-167-01 kernel DoS
File : nvt/esoft_slk_ssa_2004_167_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-119-01 kernel security updates
File : nvt/esoft_slk_ssa_2004_119_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-049-01 Kernel security update
File : nvt/esoft_slk_ssa_2004_049_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2004-006-01 Kernel security update
File : nvt/esoft_slk_ssa_2004_006_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
45183 Linux Kernel ELF Loader VMA Unmapping Local DoS

44994 Linux Kernel /proc (proc/base.c) Unspecified Free Memory Access Local DoS

44993 Linux Kernel ptrace MIPS Assembly Code Unspecified Local Privilege Escalation

15728 Red Hat Linux Itanium unw_unwind_to_user Function Local DoS

Red Hat Linux for Itanium contains a flaw that may allow a local denial of service. The issue is triggered by a flaw in unw_unwind_to_user function, and will result in loss of availability for the platform.
14810 Linux Kernel Malformed PPP Packet Remote DoS

Kernel contains a flaw in drivers/net/ppp_async.c that may allow a remote denial of service. The issue is triggered when a remote user sends a specially crafted PPP packet, and will result in loss of availability for the platform. No further details have been provided.
13535 Linux Kernel ip_options_get Memory Leak DoS

13533 Linux Kernel coda_pioctl Function Negative Value Overflow

12917 Linux Kernel Elf Binary Overlapping VMA Local Privilege Escalation

12914 Linux Kernel Multiprocessor Page Fault Handler Race Condition

Linux Kernel contains a flaw that may allow a malicious user to execute arbitrary code with root privileges on multi-processor systems. The issue is caused by the page fault handler and is triggered when two threads, which share the same virtual memory space, request a stack expansion simultaneously. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
12837 Linux Kernel MOXA Serial Driver Overflow

A local overflow exists in the Linux kernel. The MoxaDriverIoctl() function fails to validate user-supplied data resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
12791 Linux Kernel sys_uselib Binary Format Loader Local Privilege Escalation

12589 Linux Kernel load_elf_binary DoS

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered due to an undisclosed error within the memory management handling of ELF executed in "load_elf_binary." An attacker can create and load a specially crafted ELF binary which will result in loss of availability for the system.
12527 Linux Kernel scm_send() Function Local DoS

12479 Linux Kernel vc_resize() Function Local Overflow

12349 Linux Kernel io_edgeport Driver Local Overflow

A local overflow exists in the edge_startup() function of the io_edgeport driver. The edge_startup() fails to check boundaries resulting in an overflow. With a USB dongle, an attacker can cause the kernel to crash or may be able to gain elevated privileges resulting in a loss of integrity and availability.
11996 Linux Kernel unix_dgram_recvmsg() Local Privilege Escalation

11985 Linux Kernel smb Filesystem smb_receive_trans2 Arbitrary Memory Disclosure

11984 Linux Kernel smb Filesystem smb_proc_readX_data DoS

11983 Linux Kernel smb Filesystem smb_receive_trans2 Overflow

11982 Linux Kernel smb Filesystem smb_proc_readX Arbitrary Memory Disclosure

11981 Linux Kernel smb Filesystem smb_proc_read(X) Overflow

11600 Linux Kernel ELF Binary Loader open_exec() Binary Read Permission Error

11599 Linux Kernel ELF Binary Loader Interpreter Name String Parsing Issue

11598 Linux Kernel ELF Binary Loader mmap() Failure Handling Issue

The ELF binary loader in the Linux kernel contains a flaw that may allow a malicious user to manipulate the system into loading a binary into memory incorrectly. The issue is triggered when the mmap() function fails. It is possible that the flaw may allow the attacker to supply an arbitrary memory layout for the binary, resulting in a loss of integrity.
11597 Linux Kernel ELF Binary Loader Bad Return Value Issue

The ELF binary loader in the Linux kernel contains a flaw that may allow a malicious user to manipulate the system into returning a smaller value than requested when filling kernel buffers. The issue is triggered when the kernel_read() function returns a positive but smaller value than requested. It is possible that the flaw may allow the attacker to supply an arbitrary memory layout for the binary, resulting in a loss of integrity.
11596 Linux Kernel ELF Binary Loader Kernel Buffer Check Failure

9273 Linux Kernel USB Structure Kernel Memory Disclosure

8198 Linux Kernel Unspecified IA64 Local DoS

7585 Linux Kernel MFH Bit Information Disclosure

The ia64 Linux Kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a floating point leak occurs, which will disclose the registers of other process information resulting in a loss of confidentiality.
7423 Linux Kernel panic() Overflow

A local overflow exists in the Linux kernel. The panic() function fails to validate user-supplied data resulting in a buffer overflow. With a specially crafted request, an attacker can potentially cause arbitrary code execution resulting in a loss of integrity.
7219 Linux Kernel do_fork Memory Leak Information Disclosure

The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to an error in the error path of the do_fork function; if an error exists after the allocation of the mm_struct for a child process, the do_fork function fails to free the process. This memory leak will disclose sensitive information, resulting in a loss of confidentiality, and consume system memory, resulting in a loss of availability through resource exhaustion.
7077 Linux Kernel __clear_fpu Infinite Loop DoS

The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the fsave and frstor instructions are sent in a particular sequence, causing an infinite loop into a floating point exception, and will result in loss of availability for the kernel.
3317 Linux Kernel Real Time Clock Kernel Memory Disclosure

The Linux kernel contains a flaw that may lead to an unauthorized information disclosure. The vulnerability is caused due to an unspecified error in "/dev/rtc" real time clock routines, which may disclose parts of kernel memory to unprivileged users. It potentially can be exploited by malicious, local users to gain knowledge of sensitive information.
3315 Linux Kernel do_mremap() Privilege Escalation

A local overflow exists in the Linux kernel. The do_mremap() function fails to perform bounds checking resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of confidentiality, integrity, and/or availability.

Snort® IPS/IDS

Date Description
2014-01-10 SMB client TRANS response ring0 remote code execution attempt
RuleID : 16531 - Revision : 11 - Type : NETBIOS

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080507_kernel_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0237.nasl - Type : ACT_GATHER_INFO
2007-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-508-1.nasl - Type : ACT_GATHER_INFO
2007-06-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1304.nasl - Type : ACT_GATHER_INFO
2007-05-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1286.nasl - Type : ACT_GATHER_INFO
2007-04-05 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-078.nasl - Type : ACT_GATHER_INFO
2007-03-12 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-060.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1017.nasl - Type : ACT_GATHER_INFO
2006-07-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2005-366.nasl - Type : ACT_GATHER_INFO
2006-07-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2005-293.nasl - Type : ACT_GATHER_INFO
2006-07-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2005-663.nasl - Type : ACT_GATHER_INFO
2006-02-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0191.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-95-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-219.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-30-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-38-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-39-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-47-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-57-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-60-0.nasl - Type : ACT_GATHER_INFO
2005-10-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-663.nasl - Type : ACT_GATHER_INFO
2005-09-12 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-313.nasl - Type : ACT_GATHER_INFO
2005-08-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-529.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-008-01.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-006-01.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-049-01.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-119-01.nasl - Type : ACT_GATHER_INFO
2005-07-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2004-167-01.nasl - Type : ACT_GATHER_INFO
2005-07-01 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-111.nasl - Type : ACT_GATHER_INFO
2005-07-01 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-110.nasl - Type : ACT_GATHER_INFO
2005-05-19 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-262.nasl - Type : ACT_GATHER_INFO
2005-04-29 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-283.nasl - Type : ACT_GATHER_INFO
2005-04-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-293.nasl - Type : ACT_GATHER_INFO
2005-04-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-366.nasl - Type : ACT_GATHER_INFO
2005-03-25 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2005_018.nasl - Type : ACT_GATHER_INFO
2005-02-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-092.nasl - Type : ACT_GATHER_INFO
2005-02-03 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2005_003.nasl - Type : ACT_GATHER_INFO
2005-02-03 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2004_044.nasl - Type : ACT_GATHER_INFO
2005-01-26 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-022.nasl - Type : ACT_GATHER_INFO
2005-01-25 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-016.nasl - Type : ACT_GATHER_INFO
2005-01-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-043.nasl - Type : ACT_GATHER_INFO
2005-01-14 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-026.nasl - Type : ACT_GATHER_INFO
2005-01-14 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-025.nasl - Type : ACT_GATHER_INFO
2005-01-12 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-014.nasl - Type : ACT_GATHER_INFO
2005-01-12 Name : The remote Fedora Core host is missing a security update.
File : fedora_2005-013.nasl - Type : ACT_GATHER_INFO
2005-01-04 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-582.nasl - Type : ACT_GATHER_INFO
2005-01-04 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-581.nasl - Type : ACT_GATHER_INFO
2004-12-27 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-689.nasl - Type : ACT_GATHER_INFO
2004-12-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-505.nasl - Type : ACT_GATHER_INFO
2004-12-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-537.nasl - Type : ACT_GATHER_INFO
2004-12-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-549.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-450.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-413.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-417.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-423.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-427.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-439.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-440.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-442.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-470.nasl - Type : ACT_GATHER_INFO
2004-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-475.nasl - Type : ACT_GATHER_INFO
2004-08-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200407-02.nasl - Type : ACT_GATHER_INFO
2004-08-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200407-16.nasl - Type : ACT_GATHER_INFO
2004-08-30 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200408-24.nasl - Type : ACT_GATHER_INFO
2004-08-09 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-413.nasl - Type : ACT_GATHER_INFO
2004-07-31 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2004-062.nasl - Type : ACT_GATHER_INFO
2004-07-31 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2004-001.nasl - Type : ACT_GATHER_INFO
2004-07-31 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2004-037.nasl - Type : ACT_GATHER_INFO
2004-07-31 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2004-066.nasl - Type : ACT_GATHER_INFO
2004-07-25 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2004_017.nasl - Type : ACT_GATHER_INFO
2004-07-25 Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2004_010.nasl - Type : ACT_GATHER_INFO
2004-07-23 Name : The remote Fedora Core host is missing a security update.
File : fedora_2003-046.nasl - Type : ACT_GATHER_INFO
2004-07-23 Name : The remote Fedora Core host is missing a security update.
File : fedora_2003-047.nasl - Type : ACT_GATHER_INFO
2004-07-23 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-111.nasl - Type : ACT_GATHER_INFO
2004-07-23 Name : The remote Fedora Core host is missing a security update.
File : fedora_2004-186.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2003-416.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-260.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-255.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2004-188.nasl - Type : ACT_GATHER_INFO
2004-07-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2003-419.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:25:52
  • Multiple Updates
2013-05-11 12:16:55
  • Multiple Updates