NASLDB: Mandrake Linux Security Advisory : kernel (MDKSA-2002:041)
General
ID: 13945
Name: Mandrake Linux Security Advisory : kernel (MDKSA-2002:041)
Summary: Checks rpm output for the updated packages
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: –
Port: 0
Family: Mandriva Local Security Checks
Type: Local
Description
A problem was discovered in the CIPE (VPN tunnel) implementation in
the Linux kernel where a malformed packet could cause a crash.
Andrew Griffiths discovered a vulnerability that allows remote
machines to read random memory by utilizing a bug in the ICMP
implementation of Linux kernels. This only affects kernels prior to
2.4.0-test6 and 2.2.18; all Mandrake Linux 2.4 kernels are not
vulnerable to this problem.
Another problem was discovered by the Linux Netfilter team in the IRC
connection tracking component of netfilter in Linux 2.4 kernels. It
consists of a very broad netmask setting which is applied to check if
an IRC DCC connection through a masqueraded firewall should be
allowed. This would lead to unwanted ports being opened on the
firewall which could possibly allow inbound connections depending on
the firewall rules in use.
The 2.2 and 2.4 kernels are also affected by the zlib double-free()
problem as routines from the compression library are used by functions
that uncompress filesystems loaded into ramdisks and other occassions
that are not security-critical. The kernel also uses the compression
library in the PPP layer as well as the freeswan IPSec kernel module.
As well, a number of other non-security fixes are present in these
kernels, including new and enhanced drivers, LSB compliance, and more.
MandrakeSoft encourages all users to upgrade their kernel as soon as
possible to these new 2.2 and 2.4 kernels.
NOTE: This update cannot be accomplished via MandrakeUpdate; it must
be done on the console. This prevents one from upgrading a kernel
instead of installing a new kernel. To upgrade, please ensure that you
have first upgraded iptables, mkinitrd, and initscripts packages if
they are applicable to your platform. Use ‘rpm -ivh kernel_package’ to
install the new kernel. Prior to rebooting, double-check your
/etc/lilo.conf, /boot/grub/menu.lst, or /etc/yaboot.conf (PPC users
only) to ensure that you are able to boot properly into both old and
new kernels (this will allow you to boot into the old kernel if the
new kernel does not work to your liking).
LILO users should execute ‘/sbin/lilo -v’, GRUB users should execute
‘sh /boot/grun/install.sh’, and PPC users must type ‘/sbin/ybin -v’ to
write the boot record in order to reboot into the new kernel if you
made any changes to the respective boot configuration files.
New kernels for Mandrake Linux 8.1/IA64 will be available shortly.
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2002-0060
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: 2002/07/04
Plugin Release: 2004/07/31
Plugin
Version: 1.11
Filename: mandrake_MDKSA-2002-041.nasl
Filesize: 12730 bytes
MD5 Hash: 2cb00cd0050b7a4493c9d2a219a000c5
Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list
Dependencies: "ssh_get_info.nasl"
Copyright: This script is Copyright© 2004-2012 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack