Executive Summary
Summary | |
---|---|
Title | kernel security update |
Information | |||
---|---|---|---|
Name | RHSA-2008:0129 | First vendor Publication | 2008-02-12 |
Vendor | RedHat | Last vendor Modification | 2008-02-12 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 3.9 | Authentication | None Required |
Detail
Problem Description: Updated kernel packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

A flaw was found in vmsplice. An unprivileged local user could use this flaw to gain root privileges. (CVE-2008-0600)

Red Hat is aware that a public exploit for this issue is available. This issue did not affect the Linux kernels distributed with Red Hat Enterprise Linux 2.1, 3, or 4.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

432251 - CVE-2008-0600 kernel vmsplice_to_pipe flaw
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0129.html |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
CAPEC-7 | Blind SQL Injection |
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-28 | Fuzzing |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-32 | Embedding Scripts in HTTP Query Strings |
CAPEC-42 | MIME Conversion |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-52 | Embedding NULL Bytes |
CAPEC-53 | Postfix, Null Terminate, and Backslash |
CAPEC-63 | Simple Script Injection |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-66 | SQL Injection |
CAPEC-67 | String Format Overflow in syslog() |
CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
CAPEC-72 | URL Encoding |
CAPEC-73 | User-Controlled Filename |
CAPEC-78 | Using Escaped Slashes in Alternate Encoding |
CAPEC-79 | Using Slashes in Alternate Encoding |
CAPEC-80 | Using UTF-8 Encoding to Bypass Validation Logic |
CAPEC-81 | Web Logs Tampering |
CAPEC-83 | XPath Injection |
CAPEC-85 | Client Network Footprinting (using AJAX/XSS) |
CAPEC-86 | Embedding Script (XSS) in HTTP Headers |
CAPEC-88 | OS Command Injection |
CAPEC-91 | XSS in IMG Tags |
CAPEC-99 | XML Parser Attack |
CAPEC-101 | Server Side Include (SSI) Injection |
CAPEC-104 | Cross Zone Scripting |
CAPEC-106 | Cross Site Scripting through Log Files |
CAPEC-108 | Command Line Execution through SQL Injection |
CAPEC-109 | Object Relational Mapping Injection |
CAPEC-110 | SQL Injection through SOAP Parameter Tampering |
CAPEC-171 | Variable Manipulation |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11358 | |||
Oval ID: | oval:org.mitre.oval:def:11358 | ||
Title: | The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010. | ||
Description: | The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-0600 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
OpenVAS Exploits
Date | Description |
---|---|
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:044 (kernel) File : nvt/gb_mandriva_MDVSA_2008_044.nasl |
2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:043 (kernel) File : nvt/gb_mandriva_MDVSA_2008_043.nasl |
2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17/20/22 vulnerability USN-577-1 File : nvt/gb_ubuntu_USN_577_1.nasl |
2009-03-06 | Name : RedHat Update for kernel RHSA-2008:0129-01 File : nvt/gb_RHSA-2008_0129-01_kernel.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0129 centos5 i386 File : nvt/gb_CESA-2008_0129_kernel_centos5_i386.nasl |
2009-02-27 | Name : CentOS Update for kernel CESA-2008:0129 centos5 x86_64 File : nvt/gb_CESA-2008_0129_kernel_centos5_x86_64.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-5454 File : nvt/gb_fedora_2008_5454_kernel_fc8.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-4043 File : nvt/gb_fedora_2008_4043_kernel_fc7.nasl |
2009-02-17 | Name : Fedora Update for kernel FEDORA-2008-3873 File : nvt/gb_fedora_2008_3873_kernel_fc8.nasl |
2009-02-16 | Name : Fedora Update for kernel-xen-2.6 FEDORA-2008-1629 File : nvt/gb_fedora_2008_1629_kernel-xen-2.6_fc7.nasl |
2009-02-16 | Name : Fedora Update for kernel-xen-2.6 FEDORA-2008-1433 File : nvt/gb_fedora_2008_1433_kernel-xen-2.6_fc8.nasl |
2009-02-16 | Name : Fedora Update for kernel FEDORA-2008-1423 File : nvt/gb_fedora_2008_1423_kernel_fc8.nasl |
2009-02-16 | Name : Fedora Update for kernel FEDORA-2008-1422 File : nvt/gb_fedora_2008_1422_kernel_fc7.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:007 File : nvt/gb_suse_2008_007.nasl |
2009-01-23 | Name : SuSE Update for kernel-rt SUSE-SA:2008:013 File : nvt/gb_suse_2008_013.nasl |
2009-01-23 | Name : SuSE Update for kernel SUSE-SA:2008:030 File : nvt/gb_suse_2008_030.nasl |
2008-02-15 | Name : Debian Security Advisory DSA 1494-1 (linux-2.6) File : nvt/deb_1494_1.nasl |
2008-02-15 | Name : Debian Security Advisory DSA 1494-2 (linux-2.6) File : nvt/deb_1494_2.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-042-01 kernel exploit fix File : nvt/esoft_slk_ssa_2008_042_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
41853 | Linux Kernel vmsplice_to_pipe Function vmsplice System Call Local Privilege E... Linux kernel prior to version 2.6.24.2 contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The vulnerability exists because the "vmsplice_to_pipe" function does not properly validate user supplied input. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2008-2002.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0129.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080212_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-044.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-043.nasl - Type : ACT_GATHER_INFO |
2008-06-24 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-5339.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1433.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1629.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0129.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4986.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4987.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-577-1.nasl - Type : ACT_GATHER_INFO |
2008-02-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0129.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1423.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-042-01.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1422.nasl - Type : ACT_GATHER_INFO |
2008-02-12 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1494.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:51:25 | |