Detections
Analytics
Mandrake Linux Security Advisory : kernel (MDKSA-2007:226)
high Nessus Plugin ID 37602
Synopsis
The remote Mandrake Linux host is missing one or more security updates.Description
Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel :The tcp_sacktag_write_queue function in the Linux kernel 2.6.21 through 2.6.23.7 allows remote attackers to cause a denial of service via crafted ACK responses that trigger a NULL pointer dereference (CVE-2007-5501).
To update your kernel, please follow the directions located at :
http://www.mandriva.com/en/security/kernelupdate
Solution
Update the affected packages.Plugin Details
Severity: High
ID: 37602
File Name: mandrake_MDKSA-2007-226.nasl
Version: 1.14
Type: local
Family: Mandriva Local Security Checks
Published: 4/23/2009
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.2
CVSS v2
Risk Factor: High
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:kernel-laptop-devel-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-desktop-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-laptop-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-desktop-latest, p-cpe:/a:mandriva:linux:kernel-source-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-desktop586-latest, p-cpe:/a:mandriva:linux:kernel-desktop-devel-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-2.6.22.9-2mdv, cpe:/o:mandriva:linux:2008.0, p-cpe:/a:mandriva:linux:kernel-desktop586-devel-latest, p-cpe:/a:mandriva:linux:kernel-laptop-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop-devel-latest, p-cpe:/a:mandriva:linux:kernel-desktop586-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-server-devel-latest, p-cpe:/a:mandriva:linux:kernel-server-devel-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-laptop-latest, p-cpe:/a:mandriva:linux:kernel-doc, p-cpe:/a:mandriva:linux:kernel-server-2.6.22.9-2mdv, p-cpe:/a:mandriva:linux:kernel-server-latest, p-cpe:/a:mandriva:linux:kernel-source-latest
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Patch Publication Date: 11/19/2007
Reference Information
CVE: CVE-2007-5501
CWE: 399
MDKSA: 2007:226