Fedora Core 1 : kernel-2.4.22-1.2199.nptl (2004-251)

This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora Core host is missing a security update.

Description :

Paul Starzetz discovered flaws in the Linux kernel when handling file
offset pointers. These consist of invalid conversions of 64 to 32-bit
file offset pointers and possible race conditions. A local
unprivileged user could make use of these flaws to access large
portions of kernel memory. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2004-0415 to this
issue.

These packages contain a patch written by Al Viro to correct these
flaws. Red Hat would like to thank iSEC Security Research for
disclosing this issue and a number of vendor-sec participants for
reviewing and working on the patch to this issue.

Additionally, a number of issues were fixed in the USB serial code.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.isec.pl/vulnerabilities/isec-0016-procleaks.txt
http://www.nessus.org/u?bd61d86a

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 2.1
(CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N)

Family: Fedora Local Security Checks

Nessus Plugin ID: 14252 (fedora_2004-251.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0415

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now