Debian DSA-1183-1 : kernel-source-2.4.27 - several vulnerabilities

high Nessus Plugin ID 22725

Synopsis

The remote Debian host is missing a security-related update.

Description

Several security related problems have been discovered in the Linux kernel which may lead to a denial of service or even the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2005-4798 A buffer overflow in NFS readlink handling allows a malicious remote server to cause a denial of service.

- CVE-2006-2935 Diego Calleja Garcia discovered a buffer overflow in the DVD handling code that could be exploited by a specially crafted DVD USB storage device to execute arbitrary code.

- CVE-2006-1528 A bug in the SCSI driver allows a local user to cause a denial of service.

- CVE-2006-2444 Patrick McHardy discovered a bug in the SNMP NAT helper that allows remote attackers to cause a denial of service.

- CVE-2006-2446 A race condition in the socket buffer handling allows remote attackers to cause a denial of service.

- CVE-2006-3745 Wei Wang discovered a bug in the SCTP implementation that allows local users to cause a denial of service and possibly gain root privileges.

- CVE-2006-4535 David Miller reported a problem with the fix for CVE-2006-3745 that allows local users to crash the system via an SCTP socket with a certain SO_LINGER value.

The following matrix explains which kernel version for which architecture fixes the problem mentioned above :

stable (sarge) Source 2.4.27-10sarge4 Alpha architecture 2.4.27-10sarge4 ARM architecture 2.4.27-2sarge4 Intel IA-32 architecture 2.4.27-10sarge4 Intel IA-64 architecture 2.4.27-10sarge4 Motorola 680x0 architecture 2.4.27-3sarge4 MIPS architectures 2.4.27-10.sarge4.040815-1 PowerPC architecture 2.4.27-10sarge4 IBM S/390 2.4.27-2sarge4 Sun Sparc architecture 2.4.27-9sarge4 FAI 1.9.1sarge4 mindi-kernel 2.4.27-2sarge3 kernel-image-speakup-i386 2.4.27-1.1sarge3 systemimager 3.2.3-6sarge3

Solution

Upgrade the kernel package and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

See Also

https://security-tracker.debian.org/tracker/CVE-2005-4798

https://security-tracker.debian.org/tracker/CVE-2006-2935

https://security-tracker.debian.org/tracker/CVE-2006-1528

https://security-tracker.debian.org/tracker/CVE-2006-2444

https://security-tracker.debian.org/tracker/CVE-2006-2446

https://security-tracker.debian.org/tracker/CVE-2006-3745

https://security-tracker.debian.org/tracker/CVE-2006-4535

http://www.debian.org/security/2006/dsa-1183

Plugin Details

Severity: High

ID: 22725

File Name: debian_DSA-1183.nasl

Version: 1.21

Type: local

Agent: unix

Published: 10/14/2006

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:kernel-source-2.4.27, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/25/2006

Vulnerability Publication Date: 6/27/2004

Reference Information

CVE: CVE-2005-4798, CVE-2006-1528, CVE-2006-2444, CVE-2006-2446, CVE-2006-2935, CVE-2006-3745, CVE-2006-4535

BID: 18081, 18101, 18847, 19666, 20087

CWE: 20

CERT: 681569

DSA: 1183