Executive Summary
Summary | |
---|---|
Title | New kernel packages fix several vulnerabilities |
Information | |||
---|---|---|---|
Name | DSA-311 | First vendor Publication | 2003-06-08 |
Vendor | Debian | Last vendor Modification | 2003-06-08 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
A number of vulnerabilities have been discovered in the Linux kernel.

- CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).
- CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets.
- CAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
- CAN-2003-0244: The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions related to the PREROUTING chain.
- CAN-2003-0246: The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
- CAN-2003-0247: Vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
- CAN-2003-0248: The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
- CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.

This advisory covers only the i386 (Intel IA32) architectures. Other architectures will be covered by separate advisories.
For the stable distribution (woody) on the i386 architecture, these problems have been fixed in kernel-source-2.4.18 version 2.4.18-9, kernel-image-2.4.18-1-i386 version 2.4.18-8, and kernel-image-2.4.18-i386bf version 2.4.18-5woody1.

For the unstable distribution (sid) these problems are fixed in the 2.4.20 series kernels based on Debian sources.

We recommend that you update your kernel packages.

If you are using the kernel installed by the installation system when the "bf24" option is selected (for a 2.4.x kernel), you should install the kernel-image-2.4.18-bf2.4 package. If you installed a different kernel-image package after installation, you should install the corresponding 2.4.18-1 kernel. You may use the table below as a guide.

| If "uname -r" shows: | Install this package: |
Original Source
Url : http://www.debian.org/security/2003/dsa-311 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:254 | |||
Oval ID: | oval:org.mitre.oval:def:254 | ||
Title: | Linux Kernel ptrace Privilege Escalation Vulnerability | ||
Description: | The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0127 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:261 | |||
Oval ID: | oval:org.mitre.oval:def:261 | ||
Title: | Linux Route Cache / Netfilter Denial of Service | ||
Description: | The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0244 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Netfilter |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:2665 | |||
Oval ID: | oval:org.mitre.oval:def:2665 | ||
Title: | Data Leak in NIC | ||
Description: | Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0001 | Version: | 1 |
Platform(s): | Sun Solaris 7 | Product(s): | Sun Am7990 Ethernet Driver |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:278 | |||
Oval ID: | oval:org.mitre.oval:def:278 | ||
Title: | Linux ioperm Privilege Restriction Vulnerability | ||
Description: | The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0246 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:284 | |||
Oval ID: | oval:org.mitre.oval:def:284 | ||
Title: | Linux Kernel TTY Vulnerability | ||
Description: | Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops"). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0247 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28706 | |||
Oval ID: | oval:org.mitre.oval:def:28706 | ||
Title: | Critical Patch Update January 2015 | ||
Description: | Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0001 | Version: | 3 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:292 | |||
Oval ID: | oval:org.mitre.oval:def:292 | ||
Title: | Linux Kernel mxcsr Code Vulnerability | ||
Description: | The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0248 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:295 | |||
Oval ID: | oval:org.mitre.oval:def:295 | ||
Title: | Linux Kernel TCP/IP Fragment Reassembly Denial of Service | ||
Description: | The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0364 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Linux kernel ptrace privilege elevation vulnerability | More info here |
ExploitDB Exploits
id | Description |
---|---|
2013-06-10 | Cisco ASA < 8.4.4.6|8.2.5.32 Ethernet Information Leak |
2007-03-23 | Linux Kernel 2.0.x/2.2.x/2.4.x,FreeBSD 4.x Network Device Driver Frame Paddin... |
2007-03-23 | Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak) |
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 270-1 (kernel-patch-2.4.17-mips, kernel-patch-2.... File : nvt/deb_270_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 276-1 (kernel-patch-2.4.17-s390, kernel-image-2.... File : nvt/deb_276_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 311-1 (kernel) File : nvt/deb_311_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc) File : nvt/deb_312_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17... File : nvt/deb_332_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 336-1 (kernel-source-2.2.20, kernel-image-2.2.20... File : nvt/deb_336_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64) File : nvt/deb_423_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2.... File : nvt/deb_442_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 495-1 (kernel) File : nvt/deb_495_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2003-168-01 2.4.21 kernels available File : nvt/esoft_slk_ssa_2003_168_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
4569 | Linux Kernel iBCS Routines lcall Arbitrary Process Termination |
4566 | Linux Kernel TCP/IP Fragment Reassembly DoS |
4565 | Linux Kernel ptrace Attached Process Privilege Escalation |
4456 | Linux Kernel mxcsr CPU State Register Modification: Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the Linux kernel function "set_fpxregs" doesn't consider the "__copy_from_user" failed condition. This could cause the contents of the MXCSR register to be corrupted, and potentially cause a reserved bit within the register to be unexpectedly set, resulting in loss of availability for the platform. |
4455 | Linux Kernel TTY Layer Unspecified DoS |
4454 | Linux Kernel ioperm System Call Arbitrary Port read/write Access |
4453 | Linux Kernel Route Cache Netfilter IP Conntrack Module DoS |
3873 | Multiple Ethernet Driver Frame Padding Information Disclosure: Multiple Ethernet Network Interface Card (NIC) Device Drivers contain flaws that may result in an information leakage vulnerability. The issue is triggered when Ethernet device drivers reuse old frame buffer data to pad packets. It is possible that the flaw may allow remote attackers to harvest sensitive information from affected devices, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-01-20 | Name : The remote device is affected by a memory disclosure vulnerability. File : juniper_jsa10773.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Solaris system is missing a security patch from CPU jan2015. File : solaris_jan2015_SRU11_1_11_4_0.nasl - Type : ACT_GATHER_INFO |
2013-09-15 | Name : The remote host is missing Sun Security Patch number 125907-02 File : solaris10_x86_125907.nasl - Type : ACT_GATHER_INFO |
2013-07-16 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10579.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_29267.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_28636.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_28143.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_29244.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-442.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-276.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-311.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-312.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-332.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-270.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-336.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-495.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-423.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-038.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-039.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-066.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-074.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2003_021.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-103.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote host is missing the patch for the advisory RHSA-2003-145 File : redhat-RHSA-2003-145.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-147.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-195.nasl - Type : ACT_GATHER_INFO |
2003-01-14 | Name : The remote host appears to leak memory in network packets. File : etherleak.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:32:38 |
2013-05-11 12:18:13 |