Executive Summary
Summary | |
---|---|
Title | Linux kernel vulnerabilities |
Information | |||
---|---|---|---|
Name | USN-30-1 | First vendor Publication | 2004-11-18 |
Vendor | Ubuntu | Last vendor Modification | 2004-11-18 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

linux-image-2.6.8.1-3-386
linux-image-2.6.8.1-3-686
linux-image-2.6.8.1-3-686-smp
linux-image-2.6.8.1-3-amd64-generic
linux-image-2.6.8.1-3-amd64-k8
linux-image-2.6.8.1-3-amd64-k8-smp
linux-image-2.6.8.1-3-amd64-xeon
linux-image-2.6.8.1-3-k7
linux-image-2.6.8.1-3-k7-smp
linux-image-2.6.8.1-3-power3
linux-image-2.6.8.1-3-power3-smp
linux-image-2.6.8.1-3-power4
linux-image-2.6.8.1-3-power4-smp
linux-image-2.6.8.1-3-powerpc
linux-image-2.6.8.1-3-powerpc-smp

The problem can be corrected by upgrading the affected package to version 2.6.8.1-16.1. You need to reboot the computer after doing a standard system upgrade to effect the necessary changes.

Details follow:

CAN-2004-0883, CAN-2004-0949:
During an audit of the smb file system implementation within Linux,

http://isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt:
Several flaws have been found in the Linux ELF binary loader's
The vulnerabilities that were fixed in these updated kernel packages
Another flaw could allow an attacker to read supposedly unreadable,

http://marc.theaimsgroup.com/?l=linux-kernel&m=109776571411003&w=2:
Bernard Gagnon discovered a memory leak in the mmap raw packet

Reverted 486 emulation patch:
Ubuntu kernels for the i386 platforms are compiled using the i486
Therefore support for real i386 processors has ceased. This updated
Other architectures supported by Ubuntu (amd64, powerpc) are not
Original Source
Url : http://www.ubuntu.com/usn/USN-30-1 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10330 | |||
Oval ID: | oval:org.mitre.oval:def:10330 | ||
Title: | Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function. | ||
Description: | Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0883 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10360 | |||
Oval ID: | oval:org.mitre.oval:def:10360 | ||
Title: | The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. | ||
Description: | The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0949 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9969 | |||
Oval ID: | oval:org.mitre.oval:def:9969 | ||
Title: | Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | ||
Description: | Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0882 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5010817.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200411-21 (samba) File : nvt/glsa_200411_21.nasl |
2008-09-04 | Name : FreeBSD Ports: samba File : nvt/freebsd_samba0.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1067-1 (kernel 2.4.16) File : nvt/deb_1067_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-... File : nvt/deb_1070_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1082-1 (kernel-2.4.17) File : nvt/deb_1082_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
11985 | Linux Kernel smb Filesystem smb_receive_trans2 Arbitrary Memory Disclosure |
11984 | Linux Kernel smb Filesystem smb_proc_readX_data DoS |
11983 | Linux Kernel smb Filesystem smb_receive_trans2 Overflow |
11982 | Linux Kernel smb Filesystem smb_proc_readX Arbitrary Memory Disclosure |
11981 | Linux Kernel smb Filesystem smb_proc_read(X) Overflow |
11782 | Samba QFILEPATHINFO Unicode Filename Request Handler Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | SMB client TRANS response ring0 remote code execution attempt RuleID : 16531 - Revision : 11 - Type : NETBIOS |
2014-01-10 | Samba unicode filename buffer overflow attempt RuleID : 15986 - Revision : 8 - Type : SERVER-SAMBA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1069.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1070.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1082.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1067.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-60-0.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-39-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-30-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-29-1.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f3d3f62138d811d98fff000c6e8f12ef.nasl - Type : ACT_GATHER_INFO |
2005-01-26 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-022.nasl - Type : ACT_GATHER_INFO |
2004-12-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-505.nasl - Type : ACT_GATHER_INFO |
2004-12-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-537.nasl - Type : ACT_GATHER_INFO |
2004-12-13 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-549.nasl - Type : ACT_GATHER_INFO |
2004-11-30 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-460.nasl - Type : ACT_GATHER_INFO |
2004-11-30 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-459.nasl - Type : ACT_GATHER_INFO |
2004-11-19 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-136.nasl - Type : ACT_GATHER_INFO |
2004-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-632.nasl - Type : ACT_GATHER_INFO |
2004-11-16 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_040.nasl - Type : ACT_GATHER_INFO |
2004-11-13 | Name : The remote service is vulnerable to several flaws. File : samba_wildcard.nasl - Type : ACT_GATHER_INFO |
2004-11-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200411-21.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 12:03:32 |
|
2013-05-11 12:25:29 |
|