Detections
Analytics
Mandrake Linux Security Advisory : kernel (MDKSA-2004:062)
low Nessus Plugin ID 14161
Synopsis
The remote Mandrake Linux host is missing one or more security updates.Description
A vulnerability in the e1000 driver for the Linux kernel 2.4.26 and earlier was discovered by Chris Wright. The e1000 driver does not properly reset memory or restrict the maximum length of a data structure, which can allow a local user to read portions of kernel memory (CVE-2004-0535).A vulnerability was also discovered in the kernel were a certain C program would trigger a floating point exception that would crash the kernel. This vulnerability can only be triggered locally by users with shell access (CVE-2004-0554).
Solution
Update the affected packages.Plugin Details
Severity: Low
ID: 14161
File Name: mandrake_MDKSA-2004-062.nasl
Version: 1.21
Type: local
Family: Mandriva Local Security Checks
Published: 7/31/2004
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Low
Base Score: 2.1
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:kernel-2.4.21.0.31mdk, p-cpe:/a:mandriva:linux:kernel-2.4.22.35mdk, p-cpe:/a:mandriva:linux:kernel-2.4.25.6mdk, p-cpe:/a:mandriva:linux:kernel-2.6.3.14mdk, p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.21.0.31mdk, p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.22.35mdk, p-cpe:/a:mandriva:linux:kernel-enterprise-2.4.25.6mdk, p-cpe:/a:mandriva:linux:kernel-enterprise-2.6.3.14mdk, p-cpe:/a:mandriva:linux:kernel-i686-up-4gb-2.4.22.35mdk, p-cpe:/a:mandriva:linux:kernel-i686-up-4gb-2.4.25.6mdk, p-cpe:/a:mandriva:linux:kernel-i686-up-4gb-2.6.3.14mdk, p-cpe:/a:mandriva:linux:kernel-p3-smp-64gb-2.4.22.35mdk, p-cpe:/a:mandriva:linux:kernel-p3-smp-64gb-2.4.25.6mdk, p-cpe:/a:mandriva:linux:kernel-p3-smp-64gb-2.6.3.14mdk, p-cpe:/a:mandriva:linux:kernel-secure-2.4.21.0.31mdk, p-cpe:/a:mandriva:linux:kernel-secure-2.4.22.35mdk, p-cpe:/a:mandriva:linux:kernel-secure-2.6.3.14mdk, p-cpe:/a:mandriva:linux:kernel-smp-2.4.21.0.31mdk, p-cpe:/a:mandriva:linux:kernel-smp-2.4.22.35mdk, p-cpe:/a:mandriva:linux:kernel-smp-2.4.25.6mdk, p-cpe:/a:mandriva:linux:kernel-smp-2.6.3.14mdk, p-cpe:/a:mandriva:linux:kernel-source, p-cpe:/a:mandriva:linux:kernel-source-stripped, cpe:/o:mandrakesoft:mandrake_linux:10.0, cpe:/o:mandrakesoft:mandrake_linux:9.1, cpe:/o:mandrakesoft:mandrake_linux:9.2
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 6/23/2004
Reference Information
CVE: CVE-2004-0535, CVE-2004-0554
CERT: 973654
MDKSA: 2004:062