Executive Summary
Summary | |
---|---|
Title | Factual correction for DSA-336-1 |
Information | |||
---|---|---|---|
Name | DSA-336 | First vendor Publication | 2003-06-29 |
Vendor | Debian | Last vendor Modification | 2003-06-29 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
NOTE: This advisory is being released as a factual correction to DSA-336-1. In an administrative error, DSA-336-1 listed several CVE names which did not, in fact, apply to Linux 2.2.20, and omitted one vulnerability which was fixed in the updated packages. The packages are (and were) correct, and remain unchanged. The package changelog contains the correct information. This advisory provides updated information only.

A number of vulnerabilities have been discovered in the Linux kernel.

- CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall)
- CAN-2003-0001: Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets
- CAN-2003-0127: The kernel module loader allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel
- CAN-2003-0364: The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions
- CAN-2002-1380: Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.

This advisory provides updated 2.2.20 kernel source, and binary kernel images for the i386 architecture. Other architectures and kernel versions will be covered by separate advisories.

For the stable distribution (woody) on the powerpc architecture, these problems have been fixed in kernel-source-2.2.20 version 2.2.20-5woody2 and kernel-image-i386 version 2.2.20-5woody3.

For the unstable distribution (sid) these problems are fixed in kernel-source-2.2.25 and kernel-image-2.2.25-i386 version 2.2.25-2.

We recommend that you update your kernel packages.

NOTE: A system reboot will be required immediately after the upgrade in order to replace the running kernel. Remember to read carefully and follow the instructions given during the kernel upgrade process.

NOTE: These kernels are not binary-compatible with the previous version. Any loadable modules will need to be recompiled in order to work with the new kernel.
Original Source
Url : http://www.debian.org/security/2003/dsa-336 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:254 | |||
Oval ID: | oval:org.mitre.oval:def:254 | ||
Title: | Linux Kernel ptrace Privilege Escalation Vulnerability | ||
Description: | The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0127 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Id: oval:org.mitre.oval:def:261 | |||
Oval ID: | oval:org.mitre.oval:def:261 | ||
Title: | Linux Route Cache / Netfilter Denial of Service | ||
Description: | The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0244 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Netfilter |
Definition Id: oval:org.mitre.oval:def:2665 | |||
Oval ID: | oval:org.mitre.oval:def:2665 | ||
Title: | Data Leak in NIC | ||
Description: | Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0001 | Version: | 1 |
Platform(s): | Sun Solaris 7 | Product(s): | Sun Am7990 Ethernet Driver |
Definition Id: oval:org.mitre.oval:def:278 | |||
Oval ID: | oval:org.mitre.oval:def:278 | ||
Title: | Linux ioperm Privilege Restriction Vulnerability | ||
Description: | The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0246 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Id: oval:org.mitre.oval:def:284 | |||
Oval ID: | oval:org.mitre.oval:def:284 | ||
Title: | Linux Kernel TTY Vulnerability | ||
Description: | Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops"). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0247 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Id: oval:org.mitre.oval:def:28706 | |||
Oval ID: | oval:org.mitre.oval:def:28706 | ||
Title: | Critical Patch Update January 2015 | ||
Description: | Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0001 | Version: | 3 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:292 | |||
Oval ID: | oval:org.mitre.oval:def:292 | ||
Title: | Linux Kernel mxcsr Code Vulnerability | ||
Description: | The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0248 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
Definition Id: oval:org.mitre.oval:def:295 | |||
Oval ID: | oval:org.mitre.oval:def:295 | ||
Title: | Linux Kernel TCP/IP Fragment Reassembly Denial of Service | ||
Description: | The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0364 | Version: | 2 |
Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
SAINT Exploits
Description | Link |
---|---|
Linux kernel ptrace privilege elevation vulnerability | More info here |
ExploitDB Exploits
Date | Description |
---|---|
2013-06-10 | Cisco ASA < 8.4.4.6|8.2.5.32 Ethernet Information Leak |
2007-03-23 | Linux Kernel 2.0.x/2.2.x/2.4.x,FreeBSD 4.x Network Device Driver Frame Paddin... |
2007-03-23 | Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak) |
OpenVAS Exploits
Date | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 270-1 (kernel-patch-2.4.17-mips, kernel-patch-2.... File : nvt/deb_270_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 276-1 (kernel-patch-2.4.17-s390, kernel-image-2.... File : nvt/deb_276_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 311-1 (kernel) File : nvt/deb_311_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc) File : nvt/deb_312_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17... File : nvt/deb_332_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 336-1 (kernel-source-2.2.20, kernel-image-2.2.20... File : nvt/deb_336_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64) File : nvt/deb_423_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 442-1 (kernel-patch-2.4.17-s390, kernel-image-2.... File : nvt/deb_442_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 495-1 (kernel) File : nvt/deb_495_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2003-168-01 2.4.21 kernels available File : nvt/esoft_slk_ssa_2003_168_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
9590 | Linux Kernel mmap() Function PROT_READ Parameter Local DoS |
4569 | Linux Kernel iBCS Routines lcall Arbitrary Process Termination |
4566 | Linux Kernel TCP/IP Fragment Reassembly DoS |
4565 | Linux Kernel ptrace Attached Process Privilege Escalation |
4456 | Linux Kernel mxcsr CPU State Register Modification: The Linux kernel contains a flaw that may allow a local denial of service. The issue is triggered when the Linux kernel function "set_fpxregs" doesn't consider the "__copy_from_user" failed condition. This could cause the contents of the MXCSR register to be corrupted, and potentially cause a reserved bit within the register to be unexpectedly set, resulting in loss of availability for the platform. |
4455 | Linux Kernel TTY Layer Unspecified DoS |
4454 | Linux Kernel ioperm System Call Arbitrary Port read/write Access |
4453 | Linux Kernel Route Cache Netfilter IP Conntrack Module DoS |
3873 | Multiple Ethernet Driver Frame Padding Information Disclosure: Multiple Ethernet Network Interface Card (NIC) device drivers contain flaws that may result in an information leakage vulnerability. The issue is triggered when Ethernet device drivers reuse old frame buffer data to pad packets. It is possible that the flaw may allow remote attackers to harvest sensitive information from affected devices, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-01-20 | Name : The remote device is affected by a memory disclosure vulnerability. File : juniper_jsa10773.nasl - Type : ACT_GATHER_INFO |
2015-01-23 | Name : The remote Solaris system is missing a security patch from CPU jan2015. File : solaris_jan2015_SRU11_1_11_4_0.nasl - Type : ACT_GATHER_INFO |
2013-09-15 | Name : The remote host is missing Sun Security Patch number 125907-02 File : solaris10_x86_125907.nasl - Type : ACT_GATHER_INFO |
2013-07-16 | Name : The remote device is missing a vendor-supplied security patch. File : juniper_jsa10579.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_29267.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_28636.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_28143.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_29244.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-442.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-276.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-311.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-312.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-332.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-270.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-336.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-495.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-423.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-038.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-039.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-066.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-074.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2003_021.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-103.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote host is missing the patch for the advisory RHSA-2003-145 File : redhat-RHSA-2003-145.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-147.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-195.nasl - Type : ACT_GATHER_INFO |
2003-01-14 | Name : The remote host appears to leak memory in network packets. File : etherleak.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:32:44 | |
2013-05-11 12:18:16 | |